www.ensonhaber.com Open in urlscan Pro
104.22.72.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ensonhaber.com/
Effective URL:
https://www.ensonhaber.com/
Submission Tags: tranco_l324
Submission: On October 27 via api (October 27th 2021, 3:11:45 am UTC) from DE — Scanned from DE

Summary HTTP 122 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 28 domains to perform 122 HTTP transactions. The main IP is 104.22.72.231, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ensonhaber.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.

This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.22.73.231 104.22.73.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 33	104.22.72.231 104.22.72.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.67.4.66 172.67.4.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
5	23.83.122.236 23.83.122.236	7979 (SERVERS-COM) (SERVERS-COM)
6	104.18.226.52 104.18.226.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.84 143.204.98.84	16509 (AMAZON-02) (AMAZON-02)
3 7	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
1	3.142.157.144 3.142.157.144	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	23.111.115.244 23.111.115.244	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
3	173.237.60.36 173.237.60.36	7979 (SERVERS-COM) (SERVERS-COM)
1	23.111.115.236 23.111.115.236	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	35.186.238.232 35.186.238.232	15169 (GOOGLE) (GOOGLE)
1	135.148.55.36 135.148.55.36	16276 (OVH) (OVH)
1 2	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3 4	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
5	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1 1	52.18.71.64 52.18.71.64	16509 (AMAZON-02) (AMAZON-02)
3 3	18.192.95.190 18.192.95.190	16509 (AMAZON-02) (AMAZON-02)
122	35

1 104.22.73.231 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 104.22.72.231 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.4.66 (United States)

ASN13335 (CLOUDFLARENET, US)

icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.83.122.236 (Netherlands)

ASN7979 (SERVERS-COM, US)

emea.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
emeax.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.226.52 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 87.250.250.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.142.157.144 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-157-144.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Arlington, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.115.244 (Russian Federation)

ASN7979 (SERVERS-COM, US)

logs.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.237.60.36 (Dallas, United States)

ASN7979 (SERVERS-COM, US)

uscdn.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.115.236 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cdn.viadata.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.232 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com

ads.viralize.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.55.36 (United States)

ASN16276 (OVH, FR)
PTR: ns1007673.ip-135-148-55.us

n.ap1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.157 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.96.200.41 (Washington, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.71.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-71-64.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.95.190 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-95-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ensonhaber.com 2 redirects ensonhaber.com www.ensonhaber.com icdn.ensonhaber.com m.ensonhaber.com	1 MB
14	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	225 KB
11	viadata.store emea.viadata.store emeax.viadata.store logs.viadata.store uscdn.viadata.store cdn.viadata.store rtb-msk-2.viadata.store Failed	857 KB
9	googlesyndication.com 48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	44 KB
6	onesignal.com cdn.onesignal.com onesignal.com img.onesignal.com	101 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	aralego.com 4 redirects ads.aralego.com sync.aralego.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	1 KB
2	google.de www.google.de adservice.google.de	1 KB
2	google.com www.google.com adservice.google.com	1021 B
2	aralego.net cdn.aralego.net	5 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	919 B
1	googleapis.com fonts.googleapis.com	1 KB
1	dyntrk.com n.ap1.dyntrk.com	224 B
1	viralize.tv ads.viralize.tv	304 B
1	googletagservices.com www.googletagservices.com	27 KB
1	onetag-sys.com onetag-sys.com	823 B
1	pubmatic.com ads.pubmatic.com	3 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
122	28

	Domain	Requested by
37	icdn.ensonhaber.com	www.ensonhaber.com icdn.ensonhaber.com
11	securepubads.g.doubleclick.net	icdn.ensonhaber.com securepubads.g.doubleclick.net www.ensonhaber.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	mc.yandex.com	2 redirects www.ensonhaber.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.ensonhaber.com
4	sync.aralego.com	3 redirects ads.aralego.com
3	x.bidswitch.net	3 redirects
3	48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	uscdn.viadata.store	emeax.viadata.store
3	emeax.viadata.store	www.ensonhaber.com
3	onesignal.com	cdn.onesignal.com
3	www.ensonhaber.com	1 redirects static.cloudflareinsights.com
2	cm.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.search.spotxchange.com	1 redirects www.ensonhaber.com
2	dmg.digitaltarget.ru	1 redirects
2	logs.viadata.store	www.ensonhaber.com
2	cdn.aralego.net	www.ensonhaber.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects www.ensonhaber.com
2	cdn.onesignal.com	www.ensonhaber.com cdn.onesignal.com
2	emea.viadata.store	www.ensonhaber.com
1	img.onesignal.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	n.ap1.dyntrk.com	www.ensonhaber.com
1	ads.viralize.tv	www.ensonhaber.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	m.ensonhaber.com	icdn.ensonhaber.com
1	cdn.viadata.store	www.ensonhaber.com
1	www.google.de	www.ensonhaber.com
1	www.google.com	www.ensonhaber.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	icdn.ensonhaber.com
1	onetag-sys.com	www.ensonhaber.com
1	ads.aralego.com	1 redirects www.ensonhaber.com
1	ads.pubmatic.com	www.ensonhaber.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.ensonhaber.com
1	certify.alexametrics.com	www.ensonhaber.com
1	certify-js.alexametrics.com	www.ensonhaber.com
1	static.cloudflareinsights.com	www.ensonhaber.com
1	www.googletagmanager.com	www.ensonhaber.com
1	ensonhaber.com	1 redirects
0	rtb-msk-2.viadata.store Failed	www.ensonhaber.com
122	46

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
ensonhaber.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.viadata.store Sectigo RSA Domain Validation Secure Server CA	`2020-11-17` - `2021-11-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
onetag-sys.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.viralize.tv Sectigo RSA Domain Validation Secure Server CA	`2019-10-21` - `2021-11-18`	2 years	crt.sh
n.ap1.dyntrk.com R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: 9A6E6B20A11B4DC71290FA1BA61BB23C
Requests: 113 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7516a748d25c406
Frame ID: 6D7BB195B1F8E742EC59FA88C7B4539D
Requests: 1 HTTP requests in this frame

Frame: https://emeax.viadata.store/js/210830.js
Frame ID: 6580E4A1BA19D51157DE442407D73033
Requests: 9 HTTP requests in this frame

Frame: https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A5159A8D59192956346CC7EC2B141D35
Requests: 1 HTTP requests in this frame

Frame: https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3888C3D9C21FBC12BEFD93089533F691
Requests: 1 HTTP requests in this frame

Frame: https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6EA1D0B280706F1F4355463BBBC78EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ensonhaber.com/ HTTP 301
http://www.ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

91 %
HTTPS

0 %
IPv6

28
Domains

46
Subdomains

35
IPs

6
Countries

2645 kB
Transfer

4835 kB
Size

26
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CP_x5a8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSKAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYuhK3gRGMI6uswmPA4a7xEPHmUYbITdwb7tz1WjvXGcWRnaBFPiIeFg1wASJxLWX1wPgBAGgBi6AB9TQnuUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHbEJvCHiCvwfih6ACgOYCwHICwGADAG4DAG4E4gn2BMM0BUBgBcB&ae=1&num=1&sig=AOD64_1HACJMBm94Lm-fCGz5qK-JydpR9Q&client=ca-pub-8601585505701947&nb=9&adurl=https://clear.co/landing/de/fur-grunder/%3Futm_source%3Dadwords%26utm_medium%3Dppc%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE%26utm_campaignid%3D14995021911%26utm_adgroupid%3D%26utm_adid%3D%26utm_term%3D%26utm_matchtype%3D%26utm_campaign%3D%26utm_adgroup%3D%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CP_x5a8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSKAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYuhK3gRGMI6uswmPA4a7xEPHmUYbITdwb7tz1WjvXGcWRnaBFPiIeFg1wASJxLWX1wPgBAGgBi6AB9TQnuUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHbEJvCHiCvwfih6ACgOYCwHICwGADAG4DAG4E4gn2BMM0BUBgBcB&ae=1&num=1&sig=AOD64_1HACJMBm94Lm-fCGz5qK-JydpR9Q&client=ca-pub-8601585505701947&nb=0&adurl=https://clear.co/landing/de/fur-grunder/%3Futm_source%3Dadwords%26utm_medium%3Dppc%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE%26utm_campaignid%3D14995021911%26utm_adgroupid%3D%26utm_adid%3D%26utm_term%3D%26utm_matchtype%3D%26utm_campaign%3D%26utm_adgroup%3D%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE
Title: E-Commerce Financing

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CP_x5a8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSKAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYuhK3gRGMI6uswmPA4a7xEPHmUYbITdwb7tz1WjvXGcWRnaBFPiIeFg1wASJxLWX1wPgBAGgBi6AB9TQnuUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHbEJvCHiCvwfih6ACgOYCwHICwGADAG4DAG4E4gn2BMM0BUBgBcB&ae=1&num=1&sig=AOD64_1HACJMBm94Lm-fCGz5qK-JydpR9Q&client=ca-pub-8601585505701947&nb=7&adurl=https://clear.co/landing/de/fur-grunder/%3Futm_source%3Dadwords%26utm_medium%3Dppc%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE%26utm_campaignid%3D14995021911%26utm_adgroupid%3D%26utm_adid%3D%26utm_term%3D%26utm_matchtype%3D%26utm_campaign%3D%26utm_adgroup%3D%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE
Title: Get up to €10M without giving up a piece of yourbusiness. Apply now.

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CP_x5a8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSKAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYuhK3gRGMI6uswmPA4a7xEPHmUYbITdwb7tz1WjvXGcWRnaBFPiIeFg1wASJxLWX1wPgBAGgBi6AB9TQnuUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHbEJvCHiCvwfih6ACgOYCwHICwGADAG4DAG4E4gn2BMM0BUBgBcB&ae=1&num=1&sig=AOD64_1HACJMBm94Lm-fCGz5qK-JydpR9Q&client=ca-pub-8601585505701947&nb=8&adurl=https://clear.co/landing/de/fur-grunder/%3Futm_source%3Dadwords%26utm_medium%3Dppc%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE%26utm_campaignid%3D14995021911%26utm_adgroupid%3D%26utm_adid%3D%26utm_term%3D%26utm_matchtype%3D%26utm_campaign%3D%26utm_adgroup%3D%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CP_x5a8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSKAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYuhK3gRGMI6uswmPA4a7xEPHmUYbITdwb7tz1WjvXGcWRnaBFPiIeFg1wASJxLWX1wPgBAGgBi6AB9TQnuUCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHbEJvCHiCvwfih6ACgOYCwHICwGADAG4DAG4E4gn2BMM0BUBgBcB&ae=1&num=1&sig=AOD64_1HACJMBm94Lm-fCGz5qK-JydpR9Q&client=ca-pub-8601585505701947&nb=1&adurl=https://clear.co/landing/de/fur-grunder/%3Futm_source%3Dadwords%26utm_medium%3Dppc%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE%26utm_campaignid%3D14995021911%26utm_adgroupid%3D%26utm_adid%3D%26utm_term%3D%26utm_matchtype%3D%26utm_campaign%3D%26utm_adgroup%3D%26gclid%3DEAIaIQobChMIo_mJn8_p8wIV2gqLCh2QNwLwEAEYASAAEgKqpPD_BwE
Title: Clearco

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAU4W1tbW3RydWUsWzEwXSxudWxsLG51bGwsbnVsbCxbIjgwMTM5Il1dLFtudWxsLCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW50ZXJhY3Rpb24vP2FpPUNQX3g1YThONFllT1hMTnFWckFTUTc0aUFENkc1b185bGlOX0s3dm9POVpqZzg4b0JFQUVnMW9iYkpXQ1Znb0NBbUFlZ0FaRENuY0FCeUFFSjRBSUFxQU1CeUFNS3FnU0tBa19RYmdkQ2FXQWN0WWtNSU1QeUlaOWlvV2d1NklkbHlVUHNtVHdYX0JsZW9jSnRLd0djM3NjZWpkVFhiWWJGTWF3OVJ3SWx0dEFRS1pLNnc0UlpkdEtBc2dnMjY5NlpwZWRQZ2Z2bnVEVlJ3emVILUtreWRRLWNMYXplb0ZjQk9YNzR2RmNjRFFzdmF1OWlrR0lhUzhkX1d3b1o4eWp0TzRRN2tlX21iOXFVenBtUDgzV2pyQzlxWFhIRXdfdGxURjV1R0dBM2dpVzZTRmJHbjdMOFZ2T1R5Vm1rUXdDUWhrOEtDUXZZT0wxRGI1QkZXbVZaVzBadDY5MHdTeEdLczF1OWV3Vkd1dlJ5WGE5S0tMaUgzMk5Ibnc4WXVsYzBQZ0Fqc3IzdmFQOGpZdWhLM2dSR01JNnVzd21QQTRhN3hFUEhtVVliSVRkd2I3dHoxV2p2WEdjV1JuYUJGUGlJZUZnMXdBU0p4TFdYMXdQZ0JBR2dCaTZBQjlUUW51VUNxQWZ3MlJ1b0JfTFpHNmdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZnowUnVvQjViWUc2Z0hxcHV4QXFnSDM1LXhBdGdIQU5JSUNRaUk0WUFRRUFFWUhiRUp2Q0hpQ3Z3ZmloNkFDZ09ZQ3dISUN3R0FEQUc0REFHNEU0Z24yQk1NMEJVQmdCY0JcdTAwMjZzaWdoPTdnUUUtX2JOV0pvXHUwMDI2Y2lkPUNBUVNQZ0NOSXJMTURzOFBJLU5vanN2NWxVUVhTeFdORVU2Y3RsNXNmeW9HS1BLOWZKcUtjWnFfVDlGNS1FNkI4U1ltODVURXZRYjdYT3ZWU2VTZmdwSGQiLFtudWxsLG51bGwsbnVsbCwiaHR0cHM6Ly9kaXNwbGF5YWRzLWZvcm1hdHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tL2Fkcy9wcmV2aWV3L2NvbnRlbnQuanM_Y2xpZW50PXd0YVx1MDAyNm9iZnVzY2F0ZWRDdXN0b21lcklkPTgyMDgwOTY2OTNcdTAwMjZjcmVhdGl2ZUlkPTU1NDIzNTExNDg3NFx1MDAyNnZlcnNpb25JZD0wXHUwMDI2YWRHcm91cENyZWF0aXZlSWQ9NTE0MDE3Mzc0MDg4XHUwMDI2aHRtbFBhcmVudElkPXByZXYtMFx1MDAyNmhlaWdodD0yNTBcdTAwMjZ3aWR0aD05NzBcdTAwMjZzaWc9QUNpVkJfeWM3eVVaeGtGdmtJcmZZTkJwb0pSdDBBc3JEUSJdLG51bGwsbnVsbCwxLCJ0WTRKLVMzOXJUb0lpTl9LN3ZvT0VLU2szdTgzR04zTW51WUNJZ2hqYkdWaGNpNWpieklJQ0FVVEdPS2hFaFJDRjJOaExYQjFZaTA0TmpBeE5UZzFOVEExTnpBeE9UUTNTQVpZTG1DSUozQUIiLCIxNDk5ODI3ODY5MiJdXV0sWzEsMSwxLDFdXVj-vhd2RwQv7upfe5BSAT0CFwc0vim3k64gAXltm6p_a8RSqpk8hTqAu3p6N1tb_dujKLKkdhyRq6uL9Qst3ohSHGYnrDdAwR0-4s7jmt5sITZYuWiWZ0LscIJqjn6mYFNsYD1FwlHxUNA9fqRbpj1Hkc3s08Y-nbY9vcV9kFwVWCrDD4I2_ZPj2Q7OC1NYgCqZF5MZYgpgrB-UbGLCWrbe9pyKCNbZfCAC1-1ML8XcPuahXS1OdKAuKPfiJus10Xlnc9WapEIDlEULrn-uQDXJEZZbwy3oeb_VVp6j_mz4N54NkveQvIBbKQcOZ2iIFfT_Rr3ymEoP-FlboNj04Kc,D4NdmZ52K8YtXFr2wFm5kg&source=display

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ensonhaber.com/ HTTP 301
http://www.ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://ads.aralego.com/cookiesync HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9438.XBlLZSLAMTMhznILYH5XcJRENaxBwvy_Y2OYYiPhZjoDd19YrJhakWghMyoFsb66.ow3iqliEWtAJdxFkSU580cXH_E0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9438.l0nYMXhmtzjIWLQ3EPrkzqTXZUXWrarE3ryO5JKJKDV6rrQpKgpPIh-fDG6I_yg4JWK190jSv1eD5jmQ6Yj9NQ%2C%2C.qPshdAFS9WPKnohLoLj8gzfYFkY%2C

Request Chain 59

https://mc.yandex.com/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A14065830395%3Ahid%3A446191471%3Az%3A0%3Ai%3A202101027031139%3Aet%3A1635304299%3Ac%3A1%3Arn%3A326384659%3Arqn%3A1%3Au%3A1635304299274373556%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635304298397%3Ads%3A0%2C34%2C114%2C34%2C162%2C0%2C%2C133%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C34%2C114%2C34%2C161%2C0%2C%2C179%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635304299%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A14065830395%3Ahid%3A446191471%3Az%3A0%3Ai%3A202101027031139%3Aet%3A1635304299%3Ac%3A1%3Arn%3A326384659%3Arqn%3A1%3Au%3A1635304299274373556%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635304298397%3Ads%3A0%2C34%2C114%2C34%2C162%2C0%2C%2C133%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C34%2C114%2C34%2C161%2C0%2C%2C179%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635304299%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29ti%282%29

Request Chain 87

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299

Request Chain 88

https://sync.search.spotxchange.com/partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122&__user_check__=1&sync_id=9a596e7e-36d3-11ec-b1ec-153cf9b00206

Request Chain 119

https://sync.aralego.com/idsync HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/734f3f9d-ab60-3ab6-b834-c2b18450e650?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-yOZDGoRE2oUoEH5vI1rCO4EvHV.cfsfwqtqWETw-~A&redirect= HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=734f3f9d-ab60-3ab6-b834-c2b18450e650&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=734f3f9d-ab60-3ab6-b834-c2b18450e650&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=efcabb08-7fa6-4246-9b06-92a4fe42b356&google_hm=ZWZjYWJiMDgtN2ZhNi00MjQ2LTliMDYtOTJhNGZlNDJiMzU2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGqmdpUZ_RQouag6f7bVlfc&google_cver=1&ssp=ucfunnel&bsw_param=efcabb08-7fa6-4246-9b06-92a4fe42b356 HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=efcabb08-7fa6-4246-9b06-92a4fe42b356 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NzM0ZjNmOWQtYWI2MC0zYWI2LWI4MzQtYzJiMTg0NTBlNjUw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

122 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ensonhaber.com/
Redirect Chain

http://ensonhaber.com/
http://www.ensonhaber.com/
https://www.ensonhaber.com/

190 KB
24 KB

149ms
114ms

Document
text/html

104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.14
Resource Hash: 43c081ca9391ac9fcd5624abd5c6da46827d2f43c14273731ca48863d3b7dfea

Request headers

:method: GET
:authority: www.ensonhaber.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a48bcfa4f614119-PRG
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-powered-by: PHP/7.2.14
x-server-count: c4
server: cloudflare
content-encoding: br

Redirect headers

Date: Wed, 27 Oct 2021 03:11:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 27 Oct 2021 04:11:38 GMT
Location: https://www.ensonhaber.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a48bcf9eb8c4132-PRG

GET
H2 200 main.min.css
icdn.ensonhaber.com/cdn/desktop/css/ 138 KB
26 KB 35ms
25ms Stylesheet
text/css 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 938462
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 05 Apr 2021 12:53:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
cf-ray: 6a48bcfba89b4119-PRG
expires: Tue, 07 Dec 2021 11:34:50 GMT

GET
H2 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
34 KB 60ms
50ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 0a75f9ff60000005ccba037000000001
last-modified: Mon, 24 May 2021 13:32:00 GMT
server: cloudflare
etag: W/"60abaad0-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfba89d4119-PRG
cf-bgj: minify

GET
H2 200 home.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 239 KB
68 KB 65ms
55ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/home.js?v=2.0.0.0.5.0.1
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b89e9045ee5ee56caf230cdeca9b4d7df088fc35b154030f350b1cd172386c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 24 May 2021 13:32:00 GMT
server: cloudflare
etag: W/"60abaad0-3bd4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfba89c4119-PRG
cf-bgj: minify

GET
H2 200 sf-r.woff2
icdn.ensonhaber.com/cdn/desktop/fonts/ 28 KB
28 KB 209ms
39ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/sf-r.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 28560
cf-request-id: 0aacc5f9f300004dcaa62d3000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-6f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8944125-PRG

GET
H2 200 h-m.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
89 KB 208ms
38ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-m.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 90660
cf-request-id: 0aacc5fa6400004edf5e319000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-16224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8954125-PRG

GET
H2 200 esh-icon.ttf
icdn.ensonhaber.com/cdn/desktop/fonts/ 12 KB
12 KB 222ms
53ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/esh-icon.ttf?v=1.4
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: BYPASS
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 11912
cf-request-id: 07710d83cf0000176eecaa1000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-2e88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8964125-PRG

GET
H2 200 h-sb.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
89 KB 208ms
39ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-sb.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 91284
cf-request-id: 0aacc5fe9700002bddc6012000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-16494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8974125-PRG

GET
H2 200 logo.png
icdn.ensonhaber.com/cdn/desktop/img/ 14 KB
15 KB 35ms
34ms Image
image/png 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/logo.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 938462
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 14744
cf-request-id: 0aace9c38e000005c485a63000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-3998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfc591c4119-PRG
expires: Fri, 13 Aug 2021 16:17:54 GMT

GET
H2 200 ensonhaber_620x80_22102021.png
icdn.ensonhaber.com/cdn/karma/bitexen/ 23 KB
23 KB 23ms
22ms Image
image/webp 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/karma/bitexen/ensonhaber_620x80_22102021.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d26858454ecd4e9b399772b72515ae571246f67c1206563ce7bf69ff1cdf23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 405085
cf-polished: origFmt=png, origSize=25521
x-msg-hkn: /
content-length: 23552
content-disposition: inline; filename="ensonhaber_620x80_22102021.webp"
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 22 Oct 2021 10:31:52 GMT
server: cloudflare
etag: "61729318-63b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 21 Dec 2021 10:37:01 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfc49064119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 33-s.png
icdn.ensonhaber.com/cdn/mobil/assets/img/weather/ 3 KB
3 KB 35ms
35ms Image
image/webp 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/mobil/assets/img/weather/33-s.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 778cb408a885ba78f5ed380f3b3e61ea08ab505fbbf59eee126cb3c8e55eb6c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 548224
cf-polished: origFmt=png, origSize=4692
x-msg-hkn: /
content-length: 2998
content-disposition: inline; filename="33-s.webp"
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 15 Mar 2020 15:34:41 GMT
server: cloudflare
etag: "5e6e4b11-1254"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 14 Dec 2021 23:45:55 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfc591d4119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 doviz-burosu-kepenk-kapatma_1030.jpg
icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/ 118 KB
118 KB 72ms
71ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/doviz-burosu-kepenk-kapatma_1030.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c2a731caa5e76f479cec12d5aedd00dbcf736d43f3e3d6fb1e864eec2cb234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 120597
last-modified: Wed, 27 Oct 2021 00:51:25 GMT
server: cloudflare
etag: "6178a28d-1d715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 6a48bcfc49054119-PRG
expires: Sun, 26 Dec 2021 00:51:25 GMT

GET
H2 200 ph.png
icdn.ensonhaber.com/cdn/desktop/img/ 38 B
338 B 27ms
26ms Image
image/webp 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/ph.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb5a8c3317c13577fc5fb09faaf465f5e7aca64b4e243a492c2c8981cbdf97a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 938462
cf-polished: origFmt=png, origSize=939
x-msg-hkn: /
content-length: 38
content-disposition: inline; filename="ph.webp"
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 0aacccc73d0000074a57b37000000001
last-modified: Thu, 09 Jul 2020 11:18:28 GMT
server: cloudflare
etag: "5f06fd04-3ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 13 Aug 2021 15:46:14 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfc49094119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 aa_3076.jpg
icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/ 41 KB
41 KB 61ms
60ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/aa_3076.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b38e7c756908ae47d4f21c3c0c965525d67ded6f60c8217553dc311eea01bcb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
cf-polished: origSize=43645, status=webp_bigger
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 41823
last-modified: Wed, 27 Oct 2021 03:03:04 GMT
server: cloudflare
etag: "6178c168-aa7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 26 Dec 2021 03:03:04 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 6a48bcfc49044119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 cattop-placeholder.gif
icdn.ensonhaber.com/cdn/desktop/img/ 3 KB
3 KB 47ms
46ms Image
image/gif 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/cattop-placeholder.gif
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
cf-polished: status=not_needed
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 3311
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 07:29:42 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfcb9674119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 aa_6635.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2021/10/27/ 7 KB
7 KB 48ms
48ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2021/10/27/aa_6635.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bd50b3d3a4199a94648f0dddefeaceb7c67ab0452263e86612b3c71fee0b74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 7529
hakan: 227
x-msg-cdn: 02
server: cloudflare
etag: "5ca2cf671d294f6df68e82626477452a33c8de9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfc490a4119-PRG
expires: Thu, 28 Oct 2021 02:50:21 GMT

GET
H2 200 ekvador_2161.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/ 10 KB
10 KB 48ms
47ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/ekvador_2161.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a220562ea3746e5cd1647de651b5fbb1e2874c946d28fa91ccc42af1012656e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 10036
hakan: 227
x-msg-cdn: 02
server: cloudflare
etag: "0d3bc9af452ce7019ae636f04ad5d11a00e9dfc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfc49074119-PRG
expires: Thu, 28 Oct 2021 01:56:15 GMT

GET
H2 200 meksika_3880.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/ 8 KB
9 KB 49ms
48ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/meksika_3880.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc04b0840cb61b0d573b6fcf3db639bc42f8ca03874128e4a0ae18775cb08ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 8680
hakan: 227
x-msg-cdn: 02
server: cloudflare
etag: "af918ef4b1a42f83a14c123440fbcc3783e13910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfc49034119-PRG
expires: Thu, 28 Oct 2021 01:41:42 GMT

GET
H2 200 nijerya_8217.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/ 8 KB
8 KB 22ms
21ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2021/10/27/nijerya_8217.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1908deb81c845173bf379ceda85f8ace078f51235e6d64440bbef050e8177ee3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5554
cf-polished: origSize=8109, status=webp_bigger
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "21754b289346d4085bb3c86ef2416636d7bdefda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 28 Oct 2021 01:31:24 GMT
cache-control: max-age=86400,public
content-length: 7981
cf-ray: 6a48bcfc49014119-PRG
x-msg-cdn: 02

GET
H2 200 iklim-degisikligi_6959.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2021/10/27/ 8 KB
8 KB 21ms
21ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2021/10/27/iklim-degisikligi_6959.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d99c827b07d8851fc1956175211d9454b7b796b83dbd0db036fbccc9876752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 13062
cf-polished: origSize=8071, status=webp_bigger
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "56cd070fec84cbdca2bbf74c9f6f5a3c1af54725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 27 Oct 2021 23:33:08 GMT
cache-control: max-age=86400,public
content-length: 7902
cf-ray: 6a48bcfc49024119-PRG
x-msg-cdn: 01

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 181ms
21ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ae79030c8419cdbaf850e422ee28e3a78f0bc90391c5c1ef722c71d83108ce6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35752
x-xss-protection: 0
expires: Wed, 27 Oct 2021 03:11:38 GMT

GET
H2 200 load.js Show response
emea.viadata.store/tag/ 9 KB
5 KB 226ms
17ms Script
application/javascript 23.83.122.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://emea.viadata.store/tag/load.js?sid=104366
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.122.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 5d433c8a18c60c2a39c52e67839befdddfcdda0b3e0b6fc7bfad3b7b6f1bc1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
server: nginx/1.19.5
content-encoding: gzip
content-type: application/javascript

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 179ms
18ms Script
application/javascript 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3325
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a48bcfcaac32794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Oct 2021 03:11:38 GMT

GET
H2 200 cookieconsent.min.css
icdn.ensonhaber.com/Assets/ 5 KB
1 KB 29ms
29ms Stylesheet
text/css 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.css?v=2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 938462
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 0aad39814100004e98eda7e000000001
last-modified: Mon, 21 Sep 2020 14:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
cf-ray: 6a48bcfbe8c04119-PRG
expires: Fri, 13 Aug 2021 17:45:00 GMT

GET
H2 200 cookieconsent.min.js Show response
icdn.ensonhaber.com/Assets/ 9 KB
3 KB 49ms
48ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 077177872900002b4dbc093000000001
last-modified: Mon, 21 Sep 2020 14:11:45 GMT
server: cloudflare
etag: W/"5f68b4a1-226a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfcb9694119-PRG

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 197ms
40ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6a48bcfcace9412b-PRG

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 129ms
7ms Script
application/javascript 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 15757452
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ZToNwVFkecgo9bM48M2bY5qaPBlkytSYhoC4zShXCZiof0MWVbOgNQ==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 185ms
63ms Script
application/javascript 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

a3dcfbd6b446166e10db7767829d5aa85c27e2d1116dc998af3a932d0aaed58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
content-encoding: br
last-modified: Mon, 25 Oct 2021 12:24:54 GMT
etag: "617677e6-101d2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 66002
expires: Wed, 27 Oct 2021 04:11:38 GMT

GET
H2 200 09d.svg
icdn.ensonhaber.com/cdn/desktop/img/ 852 B
535 B 64ms
64ms Image
image/svg+xml 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/09d.svg
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 077119b0ba0000176276951000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: W/"5ea5b1b7-354"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfc591b4119-PRG

GET
H2 200 sprite.png
icdn.ensonhaber.com/cdn/desktop/img/ 3 KB
3 KB 58ms
57ms Image
image/png 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/sprite.png
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0231b27572b5dc6645a5789784a2a8e0af787e190116a95ce7a31cb1a828bcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 3353
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfc49084119-PRG
expires: Tue, 21 Dec 2021 17:58:59 GMT

GET
H2 200 telegramicon.png
icdn.ensonhaber.com/cdn/desktop/img/ 445 B
578 B 47ms
46ms Image
image/png 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/telegramicon.png
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 118a64d2ac459475fba4f102b7150cb2ab0d31f6d37ee8015a65a7a0ca8c1a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 445
last-modified: Mon, 05 Apr 2021 12:48:11 GMT
server: cloudflare
etag: "606b070b-1bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 6a48bcfcb96a4119-PRG
expires: Tue, 21 Dec 2021 17:58:59 GMT

GET
H2 200 h-r.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 86 KB
86 KB 131ms
22ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-r.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 87724
cf-request-id: 07710f763400002bdd93944000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-156ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8914125-PRG

GET
H2 200 h-l.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 76 KB
76 KB 146ms
38ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-l.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 77436
cf-request-id: 07710f76360000973cd306c000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-12e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8924125-PRG

GET
H2 200 h-b.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 83 KB
84 KB 145ms
39ms Font
application/octet-stream 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-b.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.0.1
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:38 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3362
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 85472
cf-request-id: 0771019e1e00002bf6989be000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-14de0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a48bcfca8934125-PRG

GET
H2 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
34 KB 51ms
51ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.0.1
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 24 May 2021 13:32:00 GMT
server: cloudflare
etag: W/"60abaad0-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfcb96b4119-PRG
cf-bgj: minify

GET
H2 200 vignette.js Show response
icdn.ensonhaber.com/cdn/interstitial/ 6 KB
2 KB 48ms
47ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.0.1
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 17 May 2021 18:42:21 GMT
server: cloudflare
etag: W/"60a2b90d-1732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfcb96c4119-PRG
cf-bgj: minify

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 27ms
7ms Image
image/gif 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&time=1635304298988&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.ensonhaber.com%2F&random_number=14466650110&sess_cookie=9a5400b117cbfbb59ec7714fb9e&sess_cookie_flag=1&user_cookie=9a5400b117cbfbb59ec7714fb9e&user_cookie_flag=1&dynamic=true&domain=ensonhaber.com&account=DIQbh1acOh00yC&jsv=20130128&user_lang=en-US
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 05:06:50 GMT
Via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 79490
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 4mfFT82_J79kJ-k329IJQUjBS3Rxp9HZr6C9HduxOVCitPjorhY6FQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 410ms
108ms Image
text/plain 3.142.157.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.142.157.144 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-157-144.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
server: Server

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 24ms
22ms Script
application/javascript 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1520
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a48bcfccad42794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Oct 2021 03:11:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
6ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4265
date: Wed, 27 Oct 2021 02:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 27 Oct 2021 04:00:34 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 4 KB
2 KB 26ms
23ms Script
text/javascript 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26dbf5ed07bbe2bbc0036fa94ac6c77dd5347d614ba71e6e1ae471bb3f303b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 922
cf-polished: origSize=4574
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 363d0416-d6b2-4b9f-918a-11877f887a94
x-runtime: 0.916144
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"641ba86c87e0585120ef65f1c090f5b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6a48bcfd5b202794-PRG
access-control-allow-headers: SDK-Version
expires: Wed, 27 Oct 2021 04:11:39 GMT

GET
H2 200 hls.js Show response
emeax.viadata.store/js/ 235 KB
84 KB 35ms
28ms Script
application/javascript 23.83.122.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://emeax.viadata.store/js/hls.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.122.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 14:39:05 GMT
server: nginx/1.19.5
etag: W/"5ffdb489-3ab3e"
content-type: application/javascript

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 29ms
13ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=110496
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Thu, 28 Oct 2021 09:53:15 GMT

GET
H2

200

cookiesync Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/cookiesync
https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync

4 KB
5 KB

55ms
17ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b187ec7d1a3bc1872cccad8972e4c27894f91e73e971f6cbfa45ec0a140cd06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
content-length: 4454
last-modified: Tue, 12 Oct 2021 07:50:50 GMT
server: cloudflare
etag: "61653e5a-1166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwOni8hLFB8sFLaumW4EnfhVxSXPDNpMyEzEYLRTYGN5f5Vdt%2B0aG1nUTPToDgNFr2FHryv%2FWizN7gLQU8G%2BaWPpnGEqj22DmG5JaMZJeBn%2B4dc8oZxeIye2OgDYWzHLqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6a48bd009e57412c-PRG

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync
connection: close
content-length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6D7B 2 KB
823 B 37ms
9ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7516a748d25c406

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=7516a748d25c406
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 code.js Show response
emea.viadata.store/tag/ 30 KB
16 KB 20ms
18ms Script
application/javascript 23.83.122.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://emea.viadata.store/tag/code.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.122.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: f6056a7abf8dbbbcc6c1998cfb6f95ff860f00d4b88eabf6c8c22aa4b83cb693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
cache-control: public
content-type: application/javascript
server: nginx/1.19.5
content-encoding: gzip
expires: Thu, 28 Oct 2021 03:11:39 GMT

GET
H2 200 site
logs.viadata.store/req/ 43 B
297 B 239ms
47ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/req/site?sid=104366&cid=0&uid=9b3e8735-ca3d-42d0-984f-20430336b122&event=playerLoaded&cb=1635304299092

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Oct 2021 03:11:39 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9438.XBlLZSLAMTMhznILYH5XcJRENaxBwvy_Y2OYYiPhZjoDd19YrJhakWghMyoFsb66.ow3iqliEWtAJdxFkSU580cXH_E0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9438.l0nYMXhmtzjIWLQ3EPrkzqTXZUXWrarE3ryO5JKJKDV6rrQpKgpPIh-fDG6I_yg4JWK190jSv1eD5jmQ6Yj9NQ%2C%2C.qPshdAFS9WPKnohLoLj8gzfYFkY%2C

75 B
75 B

32ms
31ms

Image
text/html

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9438.l0nYMXhmtzjIWLQ3EPrkzqTXZUXWrarE3ryO5JKJKDV6rrQpKgpPIh-fDG6I_yg4JWK190jSv1eD5jmQ6Yj9NQ%2C%2C.qPshdAFS9WPKnohLoLj8gzfYFkY%2C

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9438.l0nYMXhmtzjIWLQ3EPrkzqTXZUXWrarE3ryO5JKJKDV6rrQpKgpPIh-fDG6I_yg4JWK190jSv1eD5jmQ6Yj9NQ%2C%2C.qPshdAFS9WPKnohLoLj8gzfYFkY%2C
date: Wed, 27 Oct 2021 03:11:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 coreupdate.js Show response
icdn.ensonhaber.com/cdn/desktop/core/ 15 KB
4 KB 46ms
46ms Script
application/javascript 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/core/coreupdate.js?version=2.0.0.0.5.0.1
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5c93e7fd456a5eee86e4fbf4fdce21832be87d86d1043a09a5cacc9ca5106a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: REVALIDATED
x-msg-hkn: js
content-encoding: br
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Wed, 14 Jul 2021 07:49:19 GMT
server: cloudflare
etag: W/"60ee96ff-3b62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a48bcfe2a3a4119-PRG
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 86ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

2f203091af5d4c7ef9e95b1185eba2e9750bb23acceb0c9264bbe574a6c73afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 86 of 1000 / last-modified: 1635285960"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27292
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET
H2 200 aa_3725.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2021/10/27/ 13 KB
14 KB 48ms
47ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2021/10/27/aa_3725.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe06450b81adeec6846a44634ea0ac6089b9a0217a2f4b6957a41b3a7bf3b37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 13764
hakan: 287
x-msg-cdn: 02
server: cloudflare
etag: "84c7bc65c0b940def89b38d63115c4fbba27d383"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfe3a3c4119-PRG
expires: Thu, 28 Oct 2021 02:05:35 GMT

GET
H2 200 aa_6173.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2021/10/27/ 10 KB
10 KB 49ms
48ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2021/10/27/aa_6173.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 906b3610840fdedb32f6f70d96b8856e4b968616f4c175824d5ffbae3539c38b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 10275
hakan: 287
x-msg-cdn: 02
server: cloudflare
etag: "c565850cbcd8f91dfd848542eae92c711e8bf6b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfe3a3d4119-PRG
expires: Thu, 28 Oct 2021 01:57:43 GMT

GET
H2 200 ambidekster-nedir_4093.jpg
icdn.ensonhaber.com/crop/189x129-85/resimler/diger/kok/2021/10/26/ 5 KB
5 KB 22ms
21ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/189x129-85/resimler/diger/kok/2021/10/26/ambidekster-nedir_4093.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f796177364b7c35bc22b5daa0687e4ef3f4727e01ef6af3e4d62895177b59f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 48314
cf-polished: origSize=5021, status=webp_bigger
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 189
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d3064d63bc5219a09407d5caa30322296ea24d58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 27 Oct 2021 13:43:05 GMT
cache-control: max-age=86400,public
content-length: 4824
cf-ray: 6a48bcfe3a3e4119-PRG
x-msg-cdn: 01

GET
H2 200 selman-micotakis_5508.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger/kok/2021/10/27/ 2 KB
2 KB 44ms
43ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger/kok/2021/10/27/selman-micotakis_5508.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f08987105fab320b2de67a8e92c7dd7084a96f48ab7d6acc511a182014e964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 1676
hakan: 55
x-msg-cdn: 02
server: cloudflare
etag: "8e68e28388672bfbdfd824958f2b3449992eedb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfe3a3f4119-PRG
expires: Wed, 27 Oct 2021 21:14:24 GMT

GET
H2 200 salah_6726.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger/kok/2021/10/27/ 2 KB
2 KB 45ms
45ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger/kok/2021/10/27/salah_6726.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61e9640ac6865b1025bd79ba3989623b4195624bce1eac9585fe99d2976ab015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: MISS
x-msg-hkn: crop
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 1645
hakan: 55
x-msg-cdn: 02
server: cloudflare
etag: "8c848b0c140f977a49619db9ba9ce63d27441c3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
cf-ray: 6a48bcfe3a404119-PRG
expires: Wed, 27 Oct 2021 21:39:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1423785292&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&ul=en-us&de=UTF-8&dt=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1050349872&gjid=1403774323&cid=48119848.1635304299&tid=UA-955423-1&_gid=1885880281.1635304299&_r=1&gtm=2ouak0&z=1918301817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 32ms
32ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
last-modified: Mon, 25 Oct 2021 12:24:54 GMT
etag: "617677e6-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 27 Oct 2021 04:11:39 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 51ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

32733f3709c257801029afeb0bad74918e80ae8382102a86e5b64dcde4a2b683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1025 / 418 of 1000 / last-modified: 1635286009"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27320
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET
H2 200 210830.js Show response
emeax.viadata.store/js/ Frame 6580 180 KB
83 KB 15ms
15ms Script
application/javascript 23.83.122.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://emeax.viadata.store/js/210830.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.122.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 13:15:02 GMT
server: nginx/1.19.5
etag: W/"61321fd6-2cf94"
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
415 B 45ms
15ms XHR
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-955423-1&cid=48119848.1635304299&jid=1050349872&gjid=1403774323&_gid=1885880281.1635304299&_u=YEBAAUAAAAAAAC~&z=1344684154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 03:11:39 GMT
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/24056266/
Redirect Chain

https://mc.yandex.com/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%...

331 B
413 B

33ms
32ms

XHR
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A14065830395%3Ahid%3A446191471%3Az%3A0%3Ai%3A202101027031139%3Aet%3A1635304299%3Ac%3A1%3Arn%3A326384659%3Arqn%3A1%3Au%3A1635304299274373556%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635304298397%3Ads%3A0%2C34%2C114%2C34%2C162%2C0%2C%2C133%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C34%2C114%2C34%2C161%2C0%2C%2C179%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635304299%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29ti%282%29

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

41e3bd8d2cf7a8804d3020f7631ad32c0501b43da125367ed23ae60994a3551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 27-Oct-2021 03:11:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 27-Oct-2021 03:11:39 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
last-modified: Wed, 27-Oct-2021 03:11:39 GMT
location: /watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwin74n%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A680%3Acn%3A1%3Adp%3A0%3Als%3A14065830395%3Ahid%3A446191471%3Az%3A0%3Ai%3A202101027031139%3Aet%3A1635304299%3Ac%3A1%3Arn%3A326384659%3Arqn%3A1%3Au%3A1635304299274373556%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1635304298397%3Ads%3A0%2C34%2C114%2C34%2C162%2C0%2C%2C133%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C34%2C114%2C34%2C161%2C0%2C%2C179%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1635304299%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 27-Oct-2021 03:11:39 GMT

GET
H3 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 43ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 235 B
160 B 48ms
25ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7f1e13ead91cf1fafaa5544d86dae6fefbb7ac1a1501a146176bce5695b49f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 39ms
17ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-955423-1&cid=48119848.1635304299&jid=1050349872&_u=YEBAAUAAAAAAAC~&z=1198843017

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
472 B 40ms
18ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-955423-1&cid=48119848.1635304299&jid=1050349872&_u=YEBAAUAAAAAAAC~&z=1198843017

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12_news_eng.m3u8 Show response
uscdn.viadata.store/media/ 1 KB
2 KB 486ms
158ms XHR
application/vnd.apple.mpegurl 173.237.60.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://uscdn.viadata.store/media/12_news_eng.m3u8

Requested by

Host: emeax.viadata.store
URL: https://emeax.viadata.store/js/hls.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.60.36 Dallas, United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 14:49:33 GMT
server: nginx
etag: "60390a7d-513"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1299

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 viads-player-logo-50.png
cdn.viadata.store/static/ 10 KB
10 KB 166ms
62ms Image
image/png 23.111.115.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viadata.store/static/viads-player-logo-50.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
last-modified: Fri, 24 Sep 2021 20:49:46 GMT
server: nginx
etag: "614e39ea-26d1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9937

POST
H2 200 ui Show response
m.ensonhaber.com/api/uye/ 4 KB
740 B 96ms
87ms XHR
text/html 172.67.4.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.ensonhaber.com/api/uye/ui?i=500
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.0.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.4.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.14
Resource Hash: b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1

Request headers

Accept: */*
Referer: https://www.ensonhaber.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 6a48bd007aa44125-PRG

GET
H2 200 / Show response
emeax.viadata.store/export/104366/ Frame 6580 4 KB
2 KB 17ms
17ms XHR
application/json 23.83.122.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://emeax.viadata.store/export/104366/?secured=1&language=en&page_url=https%3A%2F%2Fwww.ensonhaber.com%2F&pub_sid=104366&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=www.ensonhaber.com&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=299514&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1635304299590
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.122.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 66f60084e053dd0a98e9aa4ee5672eec414fcadf825ad5c81e2007b61ab738a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.ensonhaber.com
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.19.5
content-type: application/json; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 37ms
15ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 67ms
25ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 984 B
561 B 179ms
179ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=4163055162530132&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299636&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2447352499&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

70d8770b4dabc3314b9bd505b9f5a2bd85873d709cbfd2452e340e85b360b45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 531
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 461 B
281 B 115ms
115ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=1197972051451507&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2CESH_DESKTOP_DETAY%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x250%7C728x90%7C970x250&eri=1&cust_params=kategori%3Danasayfa&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299642&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2454138541&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eba48f0c5b9ef856e050ba93cf055eece5993e0c8f5d6d5c313f3d16f137543a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A515 6 KB
4 KB 71ms
22ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:11:39 GMT
expires: Thu, 27 Oct 2022 03:11:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 pubads_impl_page_level_ads_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 22ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021102501.js?cb=31063318

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6bfc7785d5c5dffd1017bdb5473aedf0ca227ff356d5d2db34e37d789a106a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13423
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET cs
rtb-msk-2.viadata.store/vast/ Frame 6580 0
0

GET
H2 200 / Show response
ads.viralize.tv/vast/ Frame 6580 67 B
304 B 64ms
29ms XHR
text/xml 35.186.238.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=5304299664
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 232.238.186.35.bc.googleusercontent.com
Software: uvicorn, Unknown /
Resource Hash: 2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
server: uvicorn, Unknown
vary: Accept-Encoding, Origin
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google
expires: 0

GET
H/1.1 200
OK bid.php Show response
n.ap1.dyntrk.com/ Frame 6580 21 B
224 B 300ms
94ms XHR
text/xml 135.148.55.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://n.ap1.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Fwww.ensonhaber.com%2F&uint=2&ist=1&cdid=DYN-OPM-0388&plw=432&plh=243&addu=60&pubid=104366&uifa=9b3e8735-ca3d-42d0-984f-20430336b122&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=5304299664
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.148.55.36 , United States, ASN16276 (OVH, FR),
Reverse DNS: ns1007673.ip-135-148-55.us
Software: proxy /
Resource Hash: e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.ensonhaber.com
pragma: no-cache
x-rc: 81
server: proxy
access-control-allow-credentials: true
content-length: 21
content-type: text/xml

GET ad_request
ads.aralego.com/ Frame 6580 0
0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 6580
Redirect Chain

https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299
https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299

49 B
603 B

60ms
60ms

Image
image/gif

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 03:11:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 10
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 27 Oct 2021 03:11:39 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=9b3e8735-ca3d-42d0-984f-20430336b122&i=1635304299
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6580
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122
https://sync.search.spotxchange.com/partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122&__user_check__=1&sync_id=9a596e7e-36d3-11ec-b1ec-153cf9b00206

43 B
548 B

15ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122&__user_check__=1&sync_id=9a596e7e-36d3-11ec-b1ec-153cf9b00206
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 03:11:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 25
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 27 Oct 2021 03:11:39 GMT
Server: nginx
Location: /partner?adv_id=273596&uid=9b3e8735-ca3d-42d0-984f-20430336b122&__user_check__=1&sync_id=9a596e7e-36d3-11ec-b1ec-153cf9b00206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
H2 200 dsp
logs.viadata.store/event/ Frame 6580 43 B
296 B 47ms
47ms Image
image/gif 23.111.115.244
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs.viadata.store/event/dsp?sid=104366&event=rtb&event2=request&cb=1635304299665&tids=7641,7615,7639,7642,7643

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Oct 2021 03:11:39 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 282ms
282ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=842468997272221&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_right_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&eri=1&cust_params=kategori%3Danasayfa&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299674&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=1404&adys=20&adks=187789267&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aef2a30f64cc1c7b0edef5c6e9c8267bcfd8aabb0f85218111200b9b9c5333f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10618
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
33 KB 317ms
317ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=1262752663011959&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&eri=1&cust_params=kategori%3Danasayfa&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299679&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=961&adks=1309920947&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aa65cc13ca4ff46ba2e31358d4ef9e9672b55a1303e8725cc97dde5d6705b7b2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6667110001810498197/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6667110001810498197/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvPiZ_P6fMCFU71dwod5HIN2w&gqi=&layout=/sadbundle/%24csp%253Der3%24/6667110001810498197/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6667110001810498197/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6667110001810498197/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvPiZ_P6fMCFU71dwod5HIN2w&gqi=&layout=/sadbundle/%24csp%253Der3%24/6667110001810498197/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33813
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 27 Oct 2021 03:11:39 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 274ms
273ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=1471821978234146&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299683&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=165&adks=2401798105&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5d864b0bda7933cd85c32c0c0935ab2639bae38721c51bca6e50df6376db1248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12555
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 222ms
221ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4372716615104976&correlator=2754613855095206&output=ldjh&impl=fifs&eid=31063280%2C31063318%2C44742767%2C31063140&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211027&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Csidebar_top_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C336x280&eri=1&cust_params=kategori%3Danasayfa&cookie_enabled=1&bc=31&abxe=1&lmt=1635304299&dt=1635304299687&dlt=1635304298788&idt=813&frm=20&biw=1600&bih=1200&oid=2&adxs=1072&adys=1048&adks=1679685069&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x0&msz=336x0&ga_vid=48119848.1635304299&ga_sid=1635304300&ga_hid=1423785292&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

de8b3e75c6b0e9c3f52cac71545794c8de0bddde57bcf25214b2ceeb7759edaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7542
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
496 B 430ms
110ms XHR
text/html 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=14px%20Arial,%20Helvetica,%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/cookiesync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e2b04dd8fbd0c183573751386ebfde1450bb04fc41c4355a04642f7f8c3c728e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 03:11:40 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.ensonhaber.com
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 80ms
36ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

cd0ec6a7d9f98995448464bf24eb8c5a40181ed301444c9239d576241aeb2d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8470
x-xss-protection: 0

POST
H2 200 rum Show response
www.ensonhaber.com/cdn-cgi/ 0
259 B 31ms
31ms XHR
text/plain 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ensonhaber.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.ensonhaber.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: __asc=9a5400b117cbfbb59ec7714fb9e; __auc=9a5400b117cbfbb59ec7714fb9e; _ym_uid=1635304299274373556; _ym_d=1635304299; _ga=GA1.2.48119848.1635304299; _gid=GA1.2.1885880281.1635304299; _gat_gtag_UA_955423_1=1; _ym_isad=2; __gads=ID=5151efb7b66babef-22ac742f02cb00a5:T=1635304299:S=ALNI_MaesKv9TXG4sbpcrt6g6QcQQFcmOw
content-length: 21381
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.ensonhaber.com
referer: https://www.ensonhaber.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.ensonhaber.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6a48bd022c894119-PRG
vary: Origin

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 22ms
22ms Stylesheet
text/css 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1506
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6a48bd024a4427bc-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Oct 2021 03:11:39 GMT

GET
H3 200 container.html
48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3888 6 KB
0 25ms
7ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:11:39 GMT
expires: Thu, 27 Oct 2022 03:11:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
32ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 27 Oct 2021 03:11:39 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 192 B
591 B 392ms
371ms Fetch
application/json 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: aba342c3-2f94-4e68-8985-0b0219acf9ec
x-runtime: 0.006340
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dbc49bc6ae6902c8dd6950a3fc42196d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6a48bd02e97f2774-PRG
access-control-allow-headers: SDK-Version

GET
H3 200 container.html
48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6EA 0
0 7ms
7ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 27 Oct 2021 03:11:39 GMT
expires: Thu, 27 Oct 2022 03:11:39 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ 190 KB
55 KB 37ms
7ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 401142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55667
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 13 KB
5 KB 48ms
18ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 401142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4996
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 89 KB
28 KB 48ms
19ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 401142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 4 KB
2 KB 51ms
22ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 401142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1635
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 40 KB
13 KB 50ms
21ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 401142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12816
x-xss-protection: 0
server: sffe
date: Fri, 22 Oct 2021 11:45:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Oct 2022 11:45:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 45ms
16ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js?31063318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 01:44:55 GMT
server: ESF
date: Wed, 27 Oct 2021 03:11:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 03:11:40 GMT

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ 3 KB
3 KB 47ms
20ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 12:01:27 GMT
x-content-type-options: nosniff
server: cafe
age: 54613
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Wed, 27 Oct 2021 12:01:27 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ 344 B
368 B 41ms
17ms Image
image/png 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 50702
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 27 Oct 2021 13:06:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 33ms
32ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyk8Ta8N4YeOXLNqVrASQ74iAD6G5o_9liN_K7voO9Zjg88oBEAEg1obbJWCVgoCAmAegAZDCncAByAEJ4AIAqAMByAMKqgSHAk_QbgdCaWActYkMIMPyIZ9ioWgu6IdlyUPsmTwX_BleocJtKwGc3scejdTXbYbFMaw9RwIlttAQKZK6w4RZdtKAsgg2696ZpedPgfvnuDVRwzeH-KkydQ-cLazeoFcBOX74vFccDQsvau9ikGIaS8d_WwoZ8yjtO4Q7ke_mb9qUzpmP83WjrC9qXXHEw_tlTF5uGGA3giW6SFbGn7L8VvOTyVmkQwCQhk8KCQvYOL1Db5BFWmVZW0Zt690wSxGKs1u9ewVGuvRyXa9KKLiH32NHnw8Yulc0PgAjsr3vaP8jYqpI_5bWyn6scfnqtH3kdJDIhEy-KBlomhOQitg29nM6XuRe_PpKwASJxLWX1wPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1NCe5QKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQr4gO0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDNAVAYAXAbIXHgocCAASFHB1Yi04NjAxNTg1NTA1NzAxOTQ3GL6XDg&sigh=lylcnOpC4kI&uach_m=[UACH]&template_id=5000&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8989504734377505958/ 22 KB
22 KB 41ms
17ms Image
image/jpeg 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8989504734377505958/downsize_200k_v1?w=600&h=314

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

0d4a94078f79221595f32733badfc9cbae99362277ca57a474e4fe919a19cfc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 11:37:01 GMT
x-content-type-options: nosniff
age: 56079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22271
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 08:49:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Oct 2022 11:37:01 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 591b419ee552221a1917cf597404306c80b4d73118eaf6db22e79f6a99abdcc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12_news_eng000.ts Show response
uscdn.viadata.store/media/ 242 KB
242 KB 316ms
316ms XHR
video/mp2t 173.237.60.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://uscdn.viadata.store/media/12_news_eng000.ts

Requested by

Host: emeax.viadata.store
URL: https://emeax.viadata.store/js/hls.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.60.36 Dallas, United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 14:46:45 GMT
server: nginx
etag: "603909d5-3c670"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 247408

GET
BLOB 200
OK 0db6c825-2ab1-4e84-8502-84412624ba3c
https://www.ensonhaber.com/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ensonhaber.com/0db6c825-2ab1-4e84-8502-84412624ba3c
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 62028
Content-Type: text/javascript

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 36ms
13ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 521761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 02:15:39 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
22 KB 28ms
7ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ensonhaber.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 118214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:21:26 GMT

GET
H2

200

1x1.png
cdn.aralego.net/img/
Redirect Chain

https://sync.aralego.com/idsync?
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/734f3f9d-ab60-3ab6-b834-c2b18450e650?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-yOZDGoRE2oUoEH5vI1rCO4EvHV.cfsfwqtqWETw-~A&redirect=
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=734f3f9d-ab60-3ab6-b834-c2b18450e650&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=734f3f9d-ab60-3ab6-b834-c2b18450e650&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=efcabb08-7fa6-4246-9b06-92a4fe42b356&google_hm=ZWZjYWJiMDgtN2ZhNi00MjQ2LTliMDYtOTJhNGZlNDJiMzU2
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGqmdpUZ_RQouag6f7bVlfc&google_cver=1&ssp=ucfunnel&bsw_param=efcabb08-7fa6-4246-9b06-92a4fe42b356
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=efcabb08-7fa6-4246-9b06-92a4fe42b356
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NzM0ZjNmOWQtYWI2MC0zYWI2LWI4MzQtYzJiMTg0NTBlNjUw&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
408 B

203ms
203ms

Image
image/png

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:41 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3SBdNeY22ZO7g1IibD9OsDKUHJxCySDCPXjGUyq7410lQG6CuHnI%2Bxeo9SbvkYFS48c8gWDXoZOC0FqIo63ZmQMVn7w7ie8nzm078aX9OKrBTY%2BsuFR3JP28XBOvysNug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6a48bd0c4bec412c-PRG
content-length: 68
accept-ranges: bytes

Redirect headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.aralego.net/img/1x1.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
img.onesignal.com/permanent/ 18 KB
18 KB 27ms
18ms Image
image/png 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.226.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:40 GMT
cf-cache-status: HIT
age: 920
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18279
x-amz-id-2: 9DSX+D7MnrBUXQ2j2PI81yxpJ8Rh3sKiKprwXv7KSTzNQab3rhCu67fituySIkSiR8Hd5/5R6JA=
last-modified: Tue, 31 Mar 2020 16:09:33 GMT
server: cloudflare
etag: "0088cf87fd11f035d81a2c095cc58322"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: G507JVYH61MXKQ0H
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6a48bd054f7b2794-PRG
expires: Sat, 27 Nov 2021 03:11:40 GMT

GET
H2 200 12_news_eng001.ts Show response
uscdn.viadata.store/media/ 411 KB
412 KB 161ms
161ms XHR
video/mp2t 173.237.60.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://uscdn.viadata.store/media/12_news_eng001.ts

Requested by

Host: emeax.viadata.store
URL: https://emeax.viadata.store/js/hls.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.237.60.36 Dallas, United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 14:46:51 GMT
server: nginx
etag: "603909db-66acc"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp2t
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 420556

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 33ms
19ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveZAVx7jghwuynEYUmtDgtPKyLWQp24W0EV2uNB8F4fl20uHdZMTq0pnDxfSCbM4QF24cDexEJ0E65m73jXAqsTZQevo6esQgJ0NWFIiz1QntyJOTlvw&sai=AMfl-YQmt_JXI2v62ORxFBOEkcpPw2sLJ_U6k9CP1YEsle7cEillsmqL72igdnJ65A6nwCzAinwJ2LExTMxW1D7kb9_gqsoyf458fjGueSyqzShHRI8myNOdM7wNpbI8CJ8&sig=Cg0ArKJSzLyPhyt2npVkEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=64&tls=1064&g=100&h=100&tt=1064&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2401798105

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 03:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 erdogan-aliyev-ermenistan-normalleselim-manset_1260.jpg
icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/ 99 KB
100 KB 21ms
21ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/erdogan-aliyev-ermenistan-normalleselim-manset_1260.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3543737d1ff31236e35d630114f134ac6e833e0583ca40c9d0252c459d237d82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:44 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 15109
cf-polished: origSize=107768, status=webp_bigger
x-msg-hkn: /
content-length: 101676
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Tue, 26 Oct 2021 22:55:58 GMT
server: cloudflare
etag: "6178877e-1a4f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 25 Dec 2021 22:55:58 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 6a48bd1dce384119-PRG
cf-bgj: imgq:100,h2pri

GET
H2 200 la-palma-kutu_1956.jpg
icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/ 59 KB
59 KB 58ms
58ms Image
image/jpeg 104.22.72.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2021/10/27/la-palma-kutu_1956.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.72.231 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4def5ebde1d9e98d9b99fd27a56495b3fbe4c9bdc077c23be277ca650a2ebf70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 03:11:44 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: MISS
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
content-length: 60543
last-modified: Wed, 27 Oct 2021 02:38:34 GMT
server: cloudflare
etag: "6178bbaa-ec7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 6a48bd1dee4d4119-PRG
expires: Sun, 26 Dec 2021 02:38:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rtb-msk-2.viadata.store
URL: https://rtb-msk-2.viadata.store/vast/cs?zone=104366&w=432&h=243&site=https%3A%2F%2Fwww.ensonhaber.com%2F&vp=2&cbb=5304299663

Domain: ads.aralego.com
URL: https://ads.aralego.com/ad_request?host=ensonhaber.com&ver=UCX_WEB-20200113&adid=ad-BE78D938BADA6494F79A93AAB87BB7B7&atype=2&u=https%3A%2F%2Fwww.ensonhaber.com%2F&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=5304299664

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ensonhaber.com/	1970-01-19 22:15:06	Name: __asc Value: 9a5400b117cbfbb59ec7714fb9e
.ensonhaber.com/	1970-01-20 07:02:06	Name: __auc Value: 9a5400b117cbfbb59ec7714fb9e
.viadata.store/	1970-01-19 22:58:16	Name: viads_uid Value: 9b3e8735-ca3d-42d0-984f-20430336b122
.ensonhaber.com/	1970-01-20 07:00:40	Name: _ym_uid Value: 1635304299274373556
.ensonhaber.com/	1970-01-20 07:00:40	Name: _ym_d Value: 1635304299
.mc.yandex.com/	1970-01-19 22:15:04	Name: sync_cookie_csrf Value: 2311513955fake
.ensonhaber.com/	1970-01-20 15:46:16	Name: _ga Value: GA1.2.48119848.1635304299
.ensonhaber.com/	1970-01-19 22:16:30	Name: _gid Value: GA1.2.1885880281.1635304299
.ensonhaber.com/	1970-01-19 22:15:04	Name: _gat_gtag_UA_955423_1 Value: 1
.mc.yandex.ru/	1970-01-19 22:15:04	Name: sync_cookie_csrf Value: 2696414732fake
.ensonhaber.com/	1970-01-19 22:16:16	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 07:00:40	Name: yandexuid Value: 3096644071635304299
.yandex.com/	1970-01-20 07:00:40	Name: yuidss Value: 3096644071635304299
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2242454361635304299
.yandex.com/	1970-01-23 13:51:04	Name: i Value: PWX6QdefFQrIYctv9KZcxZ4pQBZc2ODumztmABS0iH30vi44BcbdJhlS6dvEbIhjkk8CyNtjNP7NSvggQ2PCPctRNkM=
.yandex.com/	1970-01-20 07:00:40	Name: ymex Value: 1666840299.yrts.1635304299#1666840299.yrtsi.1635304299
.viadata.store/	1970-01-19 22:26:35	Name: viads_sc Value: %7B%22pubm%22%3A1635304299%2C%22ucf%22%3A1635304299%2C%22one%22%3A1635304299%2C%220%22%3A1635304299%2C%2227%22%3A1635304299%7D
.spotxchange.com/	1970-01-20 07:00:44	Name: audience Value: 9a596e2e-36d3-11ec-b1ec-153cf9b00206
.dmg.digitaltarget.ru/	1970-01-21 00:10:16	Name: viuserid Value: YsTY-y.v27KbMji7FJDS
.ensonhaber.com/	1970-01-20 07:36:40	Name: __gads Value: ID=b6151c568426cd45-22b229a601cb0078:T=1635304299:S=ALNI_MaGn5fHiUKrahrDlfrRSIljeLNqUg
.doubleclick.net/	1970-01-20 07:36:40	Name: IDE Value: AHWqTUl1PRfnOot4XV68H_Ur1j5UBrT_sjufW8RKl6C3c0WOZj3zFPC1vHY6_mP1TPg
.aralego.com/	1970-01-20 07:00:40	Name: sspid Value: 734f3f9d-ab60-3ab6-b834-c2b18450e650
.yahoo.com/	1970-01-20 07:01:01	Name: A3 Value: d=AQABBGzDeGECENohhqvzkZjSqyrpDNLrOioFEgEBAQEUemGCYQAAAAAA_SMAAA&S=AQAAAqdE2uU1318crk9zaRP_FjI
.bidswitch.net/	1970-01-20 07:00:40	Name: tuuid Value: efcabb08-7fa6-4246-9b06-92a4fe42b356
.bidswitch.net/	1970-01-20 07:00:40	Name: c Value: 1635304300
.bidswitch.net/	1970-01-20 07:00:40	Name: tuuid_lu Value: 1635304300

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9438.l0nYMXhmtzjIWLQ3EPrkzqTXZUXWrarE3ryO5JKJKDV6rrQpKgpPIh-fDG6I_yg4JWK190jSv1eD5jmQ6Yj9NQ%2C%2C.qPshdAFS9WPKnohLoLj8gzfYFkY%2C Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://tpc.googlesyndication.com/ Message: Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/ Message: Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 29) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('null').
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://ads.aralego.com/ Message: Refused to frame 'https://cdn.aralego.net/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://ads.pubmatic.com/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
javascript	warning	URL: https://www.ensonhaber.com/ Message: The resource https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48790e0c30eb25cc467f59f201836317.safeframe.googlesyndication.com
ads.aralego.com
ads.pubmatic.com
ads.viralize.tv
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.aralego.net
cdn.onesignal.com
cdn.viadata.store
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
dmg.digitaltarget.ru
emea.viadata.store
emeax.viadata.store
ensonhaber.com
fonts.googleapis.com
fonts.gstatic.com
icdn.ensonhaber.com
img.onesignal.com
logs.viadata.store
m.ensonhaber.com
mc.yandex.com
mc.yandex.ru
n.ap1.dyntrk.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rtb-msk-2.viadata.store
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.aralego.com
sync.search.spotxchange.com
tpc.googlesyndication.com
uscdn.viadata.store
www.ensonhaber.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.aralego.com
rtb-msk-2.viadata.store
104.16.95.65
104.18.226.52
104.22.72.231
104.22.73.231
104.26.4.103
108.177.15.156
135.148.55.36
142.250.181.225
142.250.181.226
142.250.184.195
142.250.184.202
142.250.184.225
142.250.185.100
142.250.185.104
142.250.185.110
142.250.186.129
142.250.186.130
142.250.186.131
142.250.186.34
142.250.186.98
142.250.74.194
143.204.98.84
162.210.196.208
172.67.4.66
173.237.60.36
18.192.95.190
185.15.175.157
185.94.180.125
192.96.200.41
2.18.233.180
23.111.115.236
23.111.115.244
23.83.122.236
3.142.157.144
35.186.238.232
51.38.120.206
52.18.71.64
87.250.250.119
01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
07d26858454ecd4e9b399772b72515ae571246f67c1206563ce7bf69ff1cdf23
07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d
0d4a94078f79221595f32733badfc9cbae99362277ca57a474e4fe919a19cfc8
118a64d2ac459475fba4f102b7150cb2ab0d31f6d37ee8015a65a7a0ca8c1a65
15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0
1908deb81c845173bf379ceda85f8ace078f51235e6d64440bbef050e8177ee3
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d
2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14
2f203091af5d4c7ef9e95b1185eba2e9750bb23acceb0c9264bbe574a6c73afa
32733f3709c257801029afeb0bad74918e80ae8382102a86e5b64dcde4a2b683
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3543737d1ff31236e35d630114f134ac6e833e0583ca40c9d0252c459d237d82
3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b89e9045ee5ee56caf230cdeca9b4d7df088fc35b154030f350b1cd172386c0
3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392
41e3bd8d2cf7a8804d3020f7631ad32c0501b43da125367ed23ae60994a3551a
432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37
43c081ca9391ac9fcd5624abd5c6da46827d2f43c14273731ca48863d3b7dfea
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45f0f17894ab482b67a6d7f5fa80bd19fb44da017e93a2df668311c9409c0970
4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c
4def5ebde1d9e98d9b99fd27a56495b3fbe4c9bdc077c23be277ca650a2ebf70
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3
56c2a731caa5e76f479cec12d5aedd00dbcf736d43f3e3d6fb1e864eec2cb234
591b419ee552221a1917cf597404306c80b4d73118eaf6db22e79f6a99abdcc8
59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5d433c8a18c60c2a39c52e67839befdddfcdda0b3e0b6fc7bfad3b7b6f1bc1b5
5d864b0bda7933cd85c32c0c0935ab2639bae38721c51bca6e50df6376db1248
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61e9640ac6865b1025bd79ba3989623b4195624bce1eac9585fe99d2976ab015
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66f60084e053dd0a98e9aa4ee5672eec414fcadf825ad5c81e2007b61ab738a9
69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6bfc7785d5c5dffd1017bdb5473aedf0ca227ff356d5d2db34e37d789a106a86
70d8770b4dabc3314b9bd505b9f5a2bd85873d709cbfd2452e340e85b360b45e
756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81
75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893
778cb408a885ba78f5ed380f3b3e61ea08ab505fbbf59eee126cb3c8e55eb6c9
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7f1e13ead91cf1fafaa5544d86dae6fefbb7ac1a1501a146176bce5695b49f1c
7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80f796177364b7c35bc22b5daa0687e4ef3f4727e01ef6af3e4d62895177b59f
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
906b3610840fdedb32f6f70d96b8856e4b968616f4c175824d5ffbae3539c38b
a0f08987105fab320b2de67a8e92c7dd7084a96f48ab7d6acc511a182014e964
a220562ea3746e5cd1647de651b5fbb1e2874c946d28fa91ccc42af1012656e9
a3dcfbd6b446166e10db7767829d5aa85c27e2d1116dc998af3a932d0aaed58f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a75fe9acfb784bda910aec728288489aed0d6afcd101c109af4d9726e32da7a6
a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c
aa65cc13ca4ff46ba2e31358d4ef9e9672b55a1303e8725cc97dde5d6705b7b2
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ae79030c8419cdbaf850e422ee28e3a78f0bc90391c5c1ef722c71d83108ce6d
aef2a30f64cc1c7b0edef5c6e9c8267bcfd8aabb0f85218111200b9b9c5333f9
b187ec7d1a3bc1872cccad8972e4c27894f91e73e971f6cbfa45ec0a140cd06b
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b2501d83e7a70f991d54ba2762dc364f54f6e081055b24f688c4e90e3fbc6590
b26dbf5ed07bbe2bbc0036fa94ac6c77dd5347d614ba71e6e1ae471bb3f303b5
b38e7c756908ae47d4f21c3c0c965525d67ded6f60c8217553dc311eea01bcb8
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c
c4d99c827b07d8851fc1956175211d9454b7b796b83dbd0db036fbccc9876752
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cd0ec6a7d9f98995448464bf24eb8c5a40181ed301444c9239d576241aeb2d79
cfe06450b81adeec6846a44634ea0ac6089b9a0217a2f4b6957a41b3a7bf3b37
d1bd50b3d3a4199a94648f0dddefeaceb7c67ab0452263e86612b3c71fee0b74
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8b3e75c6b0e9c3f52cac71545794c8de0bddde57bcf25214b2ceeb7759edaf
e0231b27572b5dc6645a5789784a2a8e0af787e190116a95ce7a31cb1a828bcc
e2b04dd8fbd0c183573751386ebfde1450bb04fc41c4355a04642f7f8c3c728e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71
e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5
eba48f0c5b9ef856e050ba93cf055eece5993e0c8f5d6d5c313f3d16f137543a
edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f6056a7abf8dbbbcc6c1998cfb6f95ff860f00d4b88eabf6c8c22aa4b83cb693
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fc04b0840cb61b0d573b6fcf3db639bc42f8ca03874128e4a0ae18775cb08ddc
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd5c93e7fd456a5eee86e4fbf4fdce21832be87d86d1043a09a5cacc9ca5106a
feb5a8c3317c13577fc5fb09faaf465f5e7aca64b4e243a492c2c8981cbdf97a

www.ensonhaber.com Open in urlscan Pro 104.22.72.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

91 %HTTPS

0 %IPv6

28 Domains

46 Subdomains

35 IPs

6 Countries

2645 kBTransfer

4835 kBSize

26 Cookies

6 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ensonhaber.com Open in urlscan Pro
104.22.72.231 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

91 %
HTTPS

0 %
IPv6

28
Domains

46
Subdomains

35
IPs

6
Countries

2645 kB
Transfer

4835 kB
Size

26
Cookies

122 HTTP transactions
4 data transactions