urlscan.io logo urlscan.io
SecurityTrails logo

www.ensonhaber.com Open in urlscan Pro
185.102.219.172  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ensonhaber.com/
Submission: On December 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 8 countries across 47 domains to perform 332 HTTP transactions. The main IP is 185.102.219.172, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.ensonhaber.com. The Cisco Umbrella rank of the primary domain is 234624.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on March 31st 2023. Valid for: a year.
This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 185.102.219.172 60068 (CDN77 ^_^)
54 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.102.219.173 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
2 141.94.254.117 16276 (OVH)
7 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
61 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 47 216.58.212.130 15169 (GOOGLE)
5 11 104.18.36.155 13335 (CLOUDFLAR...)
6 9 37.252.171.149 29990 (ASN-APPNEX)
10 142.250.185.102 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.33.220.150 16509 (AMAZON-02)
1 69.166.1.66 27630 (AS-XFERNET)
1 2600:9000:211... 16509 (AMAZON-02)
3 5 51.75.86.98 16276 (OVH)
2 2 35.214.190.111 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 2.16.97.41 16625 (AKAMAI-AS)
6 6 3.121.34.204 16509 (AMAZON-02)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 37.157.5.132 198622 (ADFORM)
2 2 69.173.144.138 26667 (RUBICONPR...)
3 3 13.248.245.213 16509 (AMAZON-02)
1 1 124.146.153.170 2514 (INFOSPHER...)
3 35.157.73.176 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 52.19.30.140 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 162.19.138.119 16276 (OVH)
1 3.75.62.37 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
2 2 54.229.213.176 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
1 1 151.101.130.49 54113 (FASTLY)
1 1 72.247.154.226 20940 (AKAMAI-ASN1)
332 42
9    185.102.219.172 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-172.datapacket.com
www.ensonhaber.com
54    2606:4700:10::6816:3e4e (United States)

ASN13335 (CLOUDFLARENET, US)
s.ensonhaber.com
icdn.ensonhaber.com
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com
cdn.p.analitik.bik.gov.tr
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6816:3f4e (United States)

ASN13335 (CLOUDFLARENET, US)
api-stg.ensonhaber.com
1    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    141.94.254.117 (France)

ASN16276 (OVH, FR)
PTR: haproxy07.cl13.ovh.mrf.io
events.newsroom.bi
7    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
8    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
61    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
41    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
29    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
47    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
cm.g.doubleclick.net
11    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
10    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2600:9000:211e:8800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    35.214.190.111 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 111.190.214.35.bc.googleusercontent.com
csync.loopme.me
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
6    3.121.34.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    35.157.73.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.19.30.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-30-140.eu-west-1.compute.amazonaws.com
match.360yield.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a05:d018:d29:3602:8101:fe84:3355:65 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    54.229.213.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-213-176.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.247.154.226 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-154-226.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
Apex Domain
Subdomains		 Transfer
77 googlesyndication.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
453 KB
70 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
428 KB
64 ensonhaber.com
www.ensonhaber.com — Cisco Umbrella Rank: 234624
s.ensonhaber.com — Cisco Umbrella Rank: 271752
icdn.ensonhaber.com — Cisco Umbrella Rank: 200788
api-stg.ensonhaber.com — Cisco Umbrella Rank: 304342
1013 KB
61 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
3 MB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
8 KB
10 google.com
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
81 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
7 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
5 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
382 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
2 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
60 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 491
rtb.openx.net — Cisco Umbrella Rank: 695
748 B
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
dis.criteo.com — Cisco Umbrella Rank: 550
8 KB
3 gstatic.com
www.gstatic.com
17 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
1 KB
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
839 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
2 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1442
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 1765
397 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
326 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
827 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7439
2 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
310 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
170 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2266
1016 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
543 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
583 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
1 KB
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
553 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 674
236 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
401 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
149 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
455 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9391
experiences.mrf.io Failed
44 KB
1 bik.gov.tr
cdn.p.analitik.bik.gov.tr — Cisco Umbrella Rank: 56190
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
332 47
Domain Requested by
61 s0.2mdn.net www.ensonhaber.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
s0.2mdn.net
47 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
www.ensonhaber.com
41 pagead2.googlesyndication.com www.ensonhaber.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
securepubads.g.doubleclick.net
39 s.ensonhaber.com www.ensonhaber.com
s.ensonhaber.com
29 tpc.googlesyndication.com www.ensonhaber.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
15 icdn.ensonhaber.com www.ensonhaber.com
10 ad.doubleclick.net www.ensonhaber.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 www.ensonhaber.com www.ensonhaber.com
s.ensonhaber.com
8 www.google.com www.ensonhaber.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 securepubads.g.doubleclick.net www.ensonhaber.com
securepubads.g.doubleclick.net
6 pm.w55c.net 6 redirects
6 www.googletagservices.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
www.ensonhaber.com
6 googleads.g.doubleclick.net www.googletagmanager.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
5 onetag-sys.com 3 redirects cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
4 cdn.jsdelivr.net s0.2mdn.net
3 www.gstatic.com www.ensonhaber.com
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
3 x.bidswitch.net cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
3 eb2.3lift.com 3 redirects
2 ads.yieldmo.com 2 redirects
2 rtb.openx.net cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
2 fonts.googleapis.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
www.ensonhaber.com
2 id5-sync.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
2 sync.inmobi.com 2 redirects
2 match.360yield.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 c1.adform.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 csync.loopme.me 2 redirects
2 secure.adnxs.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 events.newsroom.bi sdk.mrf.io
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.ensonhaber.com
www.googletagmanager.com
2 accounts.google.com www.ensonhaber.com
accounts.google.com
1 analytics.pangle-ads.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 dis.criteo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cms.quantserve.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 ssum-sec.casalemedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 tg.socdm.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.ad.smaato.net cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
1 sync.go.sonobi.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
1 match.adsrvr.org cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
1 s.tribalfusion.com cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 mug.criteo.com www.ensonhaber.com
1 www.google.de www.ensonhaber.com
1 static.criteo.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 sdk.mrf.io www.ensonhaber.com
1 api-stg.ensonhaber.com s.ensonhaber.com
1 cdn.p.analitik.bik.gov.tr www.ensonhaber.com
0 experiences.mrf.io Failed sdk.mrf.io
0 cs.chocolateplatform.com Failed cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
332 64
Subject Issuer Validity Valid
*.ensonhaber.com
RapidSSL TLS RSA CA G1		 2023-03-31 -
2024-03-30		 a year crt.sh
s.ensonhaber.com
GTS CA 1P5		 2023-10-27 -
2024-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
icdn.ensonhaber.com
GTS CA 1P5		 2023-10-26 -
2024-01-24		 3 months crt.sh
*.p.analitik.bik.gov.tr
RapidSSL TLS RSA CA G1		 2023-05-08 -
2024-05-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
api-stg.ensonhaber.com
GTS CA 1P5		 2023-10-29 -
2024-01-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-28 -
2024-02-27		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2023-11-24 -
2024-02-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh

This page contains 34 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: F9A74CEEEE7C65B14923E521CA643B49
Requests: 93 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2668520625AA7F1EB6ED4C425D52842F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com
Frame ID: 38F04F021BB355B7BB612E05B80CE521
Requests: 2 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 967BB57F2068DE9B4AA73A27B8F6E599
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Frame ID: 822580A43827399338A239B3738A7118
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 621961152C6573AA2A9423FB888ED4DC
Requests: 9 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4530A720161E02F6CAD624AD43F8251F
Requests: 14 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C785588B3FCB08D59F0C740D7AE4DAEF
Requests: 14 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54F5AF89D55B1D20DE8C093AA5E389DB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Frame ID: 9657C1B2132853D3A67ACA7CBC5ABA93
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4D4417D963CDA9000F0E39853749FB2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Frame ID: 046CB43CD23FD1A5A7DA92B8656DC19C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 083CD024612747C090AFA078B95A6EC7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNXVeynM3NIUk_P8xNA4Noq04I0s9yZ8uuUqSi3ri3McAsA3izbWk4qHkCTI0MAcafK-gayZKsyJcQiw_ACCq6_dtetDOOeqeyXa3e3GL_Nm5GOs9XZ7yfpJTYzlz6l-booet20dAcvatfwcS-UvIySHW4vV2BOTys3eJTOVaMCxU_ouhGDvbksVRymecmWWgIXOEmm8
Frame ID: 9D6CD0830F04781273197FAD2BE02664
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 564E9F1BBCBD885DEA6972CA29D73473
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1B13DBECA19F32E7D78835F6AD806E2A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Frame ID: 6339C050AE758AAFCB995E9BC0E81EF8
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Frame ID: 9A9F5529B93E701D97DB034D6D65100C
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 26FB21F12259B0A15B4644859AEAFD55
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7B98132084F749BACBCE505A80E61D89
Requests: 3 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD10133ED3FD2E29DFDBC7FFAED30E95
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D7004208C65BED9CD70B3EF668E3E4D1
Requests: 3 HTTP requests in this frame

Frame: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03D0C55600A0927FCC962AF4921E0CF1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Frame ID: 5A63D20837DF6F24985365A4FC17C06F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E11D3A347609F6B8751D6C07934DE525
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DCBA1EE1C38AD1E71232EF5795BA61F5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DAD8D02552776A4BAFC5BF085A2967EF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Frame ID: AFCEE94AFED39CD13A64AFAC11342547
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 62A7B0BF2EAA8BE58B2EFB5750185CDF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1DFF882FA6AD22FE4AF4381938BD3C9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: E91EF87E2C17E6555A65A844EDEC6038
Requests: 1 HTTP requests in this frame

Frame: https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Frame ID: 8DB377BF1946A9B661F6FBC71ADC531A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A0C9AB41FADD0AC677B2BF5DBDEEF5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A469A393F8569C4B40074A9E011F1E42
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ensonhaber – Son Dakika Haber, Güncel Haberler

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

332
Requests

85 %
HTTPS

43 %
IPv6

47
Domains

64
Subdomains

42
IPs

8
Countries

5524 kB
Transfer

9772 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7z3Q0nxlYmV4T1J4MEFHZmZCVEViZzgrMzNQb3puelE4bDhUbHJBSDlDZ1dod0dkZUovekRzcDdJWjNhTHZNU3p5Yk1YU0JNS3F5M2krbGJaR1lRdjdHMU1XNTVCRlhQekMwVXJZc053MFlpRmFVS2pCN0g3SnozdUtJbDV6NEk3NVhYM2M3NnVXUER5OEV5UmtPTXZMbWl0S2t6Y05GY3ZMRDNrS3AyK3ZKQTE3Q2paakRYZWs5OEJHdVgyczk4Q2sxVWlrMnhuR1lwSlNCTFEyeElYT01GT2U2ZFV3OFlIUXJ2blo4bVl5cVZZd252SHI2NEhhVVlaNHZ2c1c0YjlmdHBLSmgzU1NzTy9PTTRHdW1MZWJzYms1eGhCUkk1aTB2MVJnSTBJVndrRE9DMD18&cppv=2
Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Request Chain 95
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
Request Chain 97
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Request Chain 121
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 125
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ2h_--8e15mPJjhuSKLk9k&google_cver=1&google_push=AXcoOmR3YoGvqknQORaD21DYxJrd9wP1i1Rrgm-35SxnQ4NfBCi9iOgg7EC7ScgsK3BSGigb9VwJdFEq8IgzYrxy_HxaBYjpNL0U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3YoGvqknQORaD21DYxJrd9wP1i1Rrgm-35SxnQ4NfBCi9iOgg7EC7ScgsK3BSGigb9VwJdFEq8IgzYrxy_HxaBYjpNL0U HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 126
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxKYIn9bCpNcy4yebTx-hTrBTnGSiTdfiB8b4YZx2JdAzZrDhLDFaJ2mfmgur1GSx-gom3w HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMwF165w4H_HcCd-OIugjdI%26google_cver%3D1%26google_push%3DAXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxKYIn9bCpNcy4yebTx-hTrBTnGSiTdfiB8b4YZx2JdAzZrDhLDFaJ2mfmgur1GSx-gom3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxKYIn9bCpNcy4yebTx-hTrBTnGSiTdfiB8b4YZx2JdAzZrDhLDFaJ2mfmgur1GSx-gom3w
Request Chain 127
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEObY-YpRmgqUoBo2PAemIxM&google_cver=1&google_push=AXcoOmTo0MUuMveIo85MbUXy85Ol9soIvXIpX3-CZO6Ysk9k4jFK67jpwIVIUDjVPdkl8L6mGi_mj8rwJnDUI15Vds8-0nmaRc44BQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEObY-YpRmgqUoBo2PAemIxM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTo0MUuMveIo85MbUXy85Ol9soIvXIpX3-CZO6Ysk9k4jFK67jpwIVIUDjVPdkl8L6mGi_mj8rwJnDUI15Vds8-0nmaRc44BQ&gdpr=${GDPR}
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Request Chain 146
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
Request Chain 148
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBsQ3UqWL8S_cIH68JOdyXA&google_cver=1
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHHbfuLItXiAVh4SkX7cvA0&google_cver=1
Request Chain 155
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263KB7Sx8bVpU_BcwlR_Df-dvyqNy6YQYmTHkf9Y9C67BULuhYqWOIlOSA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263KB7Sx8bVpU_BcwlR_Df-dvyqNy6YQYmTHkf9Y9C67BULuhYqWOIlOSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263KB7Sx8bVpU_BcwlR_Df-dvyqNy6YQYmTHkf9Y9C67BULuhYqWOIlOSA
Request Chain 156
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK0-Vdn0F16fpSx3LgqKC5Y&google_cver=1&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGpn6qbL7t4xJHvVQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oK2iafl4QP83prxzWJllCQ&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGpn6qbL7t4xJHvVQ
Request Chain 157
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE5rPg9aYGpPyCXkAxcVVd8&google_cver=1&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoNFxG1G9PZchG_Pu4y8K2haw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE5rPg9aYGpPyCXkAxcVVd8&google_cver=1&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoNFxG1G9PZchG_Pu4y8K2haw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MjcwMTQ5MDg1MDQ2MjA4NA&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoNFxG1G9PZchG_Pu4y8K2haw
Request Chain 158
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENh5KpNWQFCg6BcYyV8EfV0&google_cver=1&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWkMrdtQQqPClY_Mvr_OykIVqhnN8g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCUkQtVS1KRDZQ&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWkMrdtQQqPClY_Mvr_OykIVqhnN8g
Request Chain 159
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH8USObQWm1d79OHHjC2Px8&google_cver=1&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP&google_gid=CAESEH8USObQWm1d79OHHjC2Px8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP
Request Chain 160
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAIGdvaEB8F2qSPO2uz1FqY&google_cver=1&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew&google_hm=WldtWVpzQ284WVVBQUF2M3ZvMEFBQUFB
Request Chain 164
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9aJGTFFDG7eeSoc6amKW7ktmg_e3onS1rUl4bOoyN5U1PT6HWNU25g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9aJGTFFDG7eeSoc6amKW7ktmg_e3onS1rUl4bOoyN5U1PT6HWNU25g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9aJGTFFDG7eeSoc6amKW7ktmg_e3onS1rUl4bOoyN5U1PT6HWNU25g
Request Chain 165
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPVJBmLrDnBt7SoCH5OdqEk&google_cver=1&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayEvXrp8LXNFkk5u2gCs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayEvXrp8LXNFkk5u2gCs&google_hm=k_2V-89eS8CTe808l6vOpAU
Request Chain 166
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHLW7TjBCptr8hAuT74QRyM&google_cver=1&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY36iZVnt1tQ22NM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzUzOTQzNDI1MTA5MDA2Ng%3D%3D&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY36iZVnt1tQ22NM
Request Chain 167
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJCGhOxmUavEqyCBJOp7p-8&google_cver=1&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_ffMGlDVealFy55jWA4s_z8V4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCU0EtSC00SjVJ&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_ffMGlDVealFy55jWA4s_z8V4
Request Chain 168
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_cver=1&google_push=AXcoOmRb59y4A5uaSNWNlcrSps_vSnn0c3p7buO5QO4P27Iao531rnXc_yMndYSxo7lfpdPykY7-rPUpnUtZPp_c7fM5nvdcuMUf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAAFHkAAAIB&google_nid=index&google_push=AXcoOmRb59y4A5uaSNWNlcrSps_vSnn0c3p7buO5QO4P27Iao531rnXc_yMndYSxo7lfpdPykY7-rPUpnUtZPp_c7fM5nvdcuMUf
Request Chain 170
  • https://sync.inmobi.com/gob?google_gid=CAESENyrx_EZEqgN9dL7S1p2j6M&google_cver=1&google_push=AXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNdoi2GwrhEXpuokq3Tk66y8rHtMEr0d3ulfNS2mh-_1dEj2sguhLz9 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNdoi2GwrhEXpuokq3Tk66y8rHtMEr0d3ulfNS2mh-_1dEj2sguhLz9
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKow13fzhBOgf6PxnM6zIeQ&google_cver=1
Request Chain 234
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTep8Yc-l84uE1UVOLH-UlXzAyydr6aekwIrMg0c0-o8z8fyNFgLl9PZvhXsJN9dGFwwJYLoAan0QTQ8rEwaK9PlW4lJY9P_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTep8Yc-l84uE1UVOLH-UlXzAyydr6aekwIrMg0c0-o8z8fyNFgLl9PZvhXsJN9dGFwwJYLoAan0QTQ8rEwaK9PlW4lJY9P_A
Request Chain 235
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENtpahrLxfSOAkjZqU8H644&google_cver=1&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ2RqGvNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ2RqGvNg&google_hm=eS1TN05GX3ExRTJwRnBiaEsxbUMyRjFLajJJdjlwUDYyYn5B
Request Chain 237
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAk2evLKBZaFQ_AKCEV-2nE&google_cver=1&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw&google_hm=M3pFRU1xcW5uN3E3UWY4bVlFWVk=
Request Chain 238
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHMozq6adWB4ur5dkakwkNo&google_cver=1&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBriUnX43k1ypzHuPdknUIwNx8H0qOTw4lq-wmzAUxJuFtCnKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBriUnX43k1ypzHuPdknUIwNx8H0qOTw4lq-wmzAUxJuFtCnKA
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Request Chain 243
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEzGZHj4QMTK0Q4-7VaZiJA&google_cver=1
Request Chain 245
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Request Chain 252
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cver=1&google_push=AXcoOmSa-0h93Et82JifZl_AwKdBzVUTze4ooJebsBcnpfdy82o3rhYj1A_JIz56mBDkP-C5V_5Jeg5h56xzUu6pZfZLbae9WnCI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cver=1&google_push=AXcoOmSa-0h93Et82JifZl_AwKdBzVUTze4ooJebsBcnpfdy82o3rhYj1A_JIz56mBDkP-C5V_5Jeg5h56xzUu6pZfZLbae9WnCI
Request Chain 254
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ6n2DHOrMkg14JEMKLl8RrK-_59cUi1Kbr9HOhEu1ejwxpdPTnnqeO7Mh7V1swbD238X1JoerV_Z62pdsqSvXn0ftD5gs&google_gid=CAESEE1LCFaSO-wRJ_HP44lAEt0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Z_m-KFLN8cvJbKHZsSPopb4OkWBsl17fq6T8DA&google_push=AXcoOmQ6n2DHOrMkg14JEMKLl8RrK-_59cUi1Kbr9HOhEu1ejwxpdPTnnqeO7Mh7V1swbD238X1JoerV_Z62pdsqSvXn0ftD5gs
Request Chain 256
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAeYoZOur0g_MdGc7ocGt7w&google_cver=1&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0na5b4hTBTsQcvaJxF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0na5b4hTBTsQcvaJxF
Request Chain 258
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAeYoZOur0g_MdGc7ocGt7w&google_cver=1&google_push=AXcoOmSdoamVOT2SA3XqjMsLxCWxbTUOuoJ47v8m5Lw9xWBLtwJtqV_pSaOxnLyKXRK-ZHziWA0HQMRJp6IaSkQP_-Rd3c63XSfryg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdoamVOT2SA3XqjMsLxCWxbTUOuoJ47v8m5Lw9xWBLtwJtqV_pSaOxnLyKXRK-ZHziWA0HQMRJp6IaSkQP_-Rd3c63XSfryg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPVGU6RzL-vhbwaSHLBP99c&google_cver=1&google_push=AXcoOmS2SDt5CPqxiOEO4rP6GnY5snzTyzhkYlrVICQWW0ndYBXSZKC97QRvAAC0Q_Qfp6DBgT8Lrmy_CViP9dhzAT3Ji34k2-UD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVGU6RzL-vhbwaSHLBP99c&google_push=AXcoOmS2SDt5CPqxiOEO4rP6GnY5snzTyzhkYlrVICQWW0ndYBXSZKC97QRvAAC0Q_Qfp6DBgT8Lrmy_CViP9dhzAT3Ji34k2-UD
Request Chain 263
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOK-3QZWfwCHtFC_jCOWJnY&google_cver=1&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTDdJ4fBbO2R3xX3P6I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTDdJ4fBbO2R3xX3P6I&google_hm=k_2V-89eS8CTe808l6vOpAU
Request Chain 265
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELtzsAwSJwPke_Pn99W_y1I&google_cver=1&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv&google_hm=M3pFRU1xcW5uN3FMam85RDFlM3E=
Request Chain 266
  • https://sync.inmobi.com/gob?google_gid=CAESEJRuluGQPAmv3e7KQZhNJug&google_cver=1&google_push=AXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lDTXmFS8BnN6kH5XQTshav1YIA8prl4GLlViqbVjkKEJwSUvD_Ze3IjQ HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lDTXmFS8BnN6kH5XQTshav1YIA8prl4GLlViqbVjkKEJwSUvD_Ze3IjQ
Request Chain 267
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGjE8u-iWTArmjoso1QzFtQ&google_cver=1&google_push=AXcoOmTY3aV2KveVl-XCf_yUTTjVfmJAAQqHwatQTUOhf50RbFdnBdhP04gO0IGE6bFzHQ2wSMa20euiRmBI8DBL9BvMj2z9UspE3g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEGjE8u-iWTArmjoso1QzFtQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTY3aV2KveVl-XCf_yUTTjVfmJAAQqHwatQTUOhf50RbFdnBdhP04gO0IGE6bFzHQ2wSMa20euiRmBI8DBL9BvMj2z9UspE3g&gdpr=${GDPR}
Request Chain 268
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESENCpFfC5veyvo3-oTbYnzwo&google_cver=1&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4JJpZD8XdiQm7zVkhKagAmC_6A6jTLEh6R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4JJpZD8XdiQm7zVkhKagAmC_6A6jTLEh6R

332 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ensonhaber.com/ 		129 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN / PHP/8.0.25
Resource Hash
ae69d2e3a6f95278996651707732ed33adcd20ccd812b45f5debee570cb84dd8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
95
allow
GET, HEAD, POST
cache-control
max-age=30
caching-type
litespeed
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 08:25:08 GMT
etag
W/"16439980-1701419007;;;"
merlin-is-mobile-desktop
1
merlin-is-mobile-viewer
0
server
MerlinCDN
via
HTTP/2.0 Merlin CDN
x-cache-status
HIT
x-edge
de-fra-dp-s03
x-litespeed-cache
hit
x-midtier
nl-naw-ws-s08
x-powered-by
PHP/8.0.25
home.min.css
s.ensonhaber.com/assets/css/ 		267 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b75489567bb0113c5462bf5cd8c63df39682d7ec2663e95a9896ae0565d422

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
10300
content-length
51203
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Tue, 31 Oct 2023 04:01:34 GMT
server
cloudflare
etag
"42b2a-65407c1e-e23cdf0978d11aa;gz"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc771c38-FRA
expires
Wed, 27 Nov 2024 04:10:19 GMT
inter-v2-latin-ext_latin-regular.woff2
s.ensonhaber.com/assets/fonts/inter/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-regular.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1375210
content-length
36104
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"8d08-639c9a83-8a94ee445f24e6c0;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc7e1c38-FRA
expires
Fri, 01 Nov 2024 08:28:54 GMT
inter-v2-latin-ext_latin-300.woff2
s.ensonhaber.com/assets/fonts/inter/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-300.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1850759
content-length
37584
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"92d0-639c9a83-275355ba44709d0b;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc7f1c38-FRA
expires
Thu, 07 Nov 2024 04:09:24 GMT
inter-v2-latin-ext_latin-500.woff2
s.ensonhaber.com/assets/fonts/inter/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-500.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1574745
content-length
38652
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"96fc-639c9a83-df183364806ed438;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc781c38-FRA
expires
Thu, 07 Nov 2024 05:59:30 GMT
inter-v2-latin-ext_latin-600.woff2
s.ensonhaber.com/assets/fonts/inter/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-600.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
270171
content-length
38852
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"97c4-639c9a83-c70c6bcb7fd34262;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc7b1c38-FRA
expires
Fri, 01 Nov 2024 10:51:30 GMT
inter-v2-latin-ext_latin-700.woff2
s.ensonhaber.com/assets/fonts/inter/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-700.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
24072
content-length
38908
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"97fc-639c9a83-82ee2966142daad0;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc7d1c38-FRA
expires
Fri, 29 Nov 2024 10:35:28 GMT
inter-v2-latin-ext_latin-800.woff2
s.ensonhaber.com/assets/fonts/inter/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-800.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1408129
content-length
38948
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"9824-639c9a83-d47e4f5f26ad6474;;;"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f015fc7a1c38-FRA
expires
Wed, 30 Oct 2024 08:17:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5672ab6f990ab8b4ad27206f33f66377f72ac8d316a4df00895088befa33c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30180
x-xss-protection
0
server
cafe
etag
923 / 19692 / m202311150101 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:08 GMT
esh-tag-v3.js
s.ensonhaber.com/assets/js/lib/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/js/lib/esh-tag-v3.js?r=5.3_854f0cf-v36
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7141fe23f59efa506ec5a07a1f3d36625f52ac1e3b8906a64ed72c5ca57aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
content-encoding
gzip
cf-cache-status
HIT
age
103958
cf-polished
origSize=11320
x-vtex-cache-status-nginx-thumbor
HIT
cf-bgj
minify
last-modified
Thu, 23 Nov 2023 23:28:00 GMT
server
cloudflare
etag
W/"2c38-655fe000-8d0e0d051fe53458;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
cf-ray
82e9f016bc26373d-FRA
expires
Thu, 28 Nov 2024 06:16:48 GMT
client
accounts.google.com/gsi/ 		205 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d006b8e18a5756196c8a3f18ed9ccb0da3bc0f8def44cf6489db4b1df0ad4d7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-oeZWxfGNxEUXXFZ8UWrOhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-oeZWxfGNxEUXXFZ8UWrOhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 01 Dec 2023 08:25:08 GMT
logo.svg
www.ensonhaber.com/assets/img/nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/nav/logo.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
MerlinCDN
age
281521
etag
W/"801-639c9a83-2deb684a3979a6f;;;"
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
656996b555eee933.jpg
icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/656996b555eee933.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7d32f77b5aeffd20611cb815452bd7bb24395d42add8fb2e6d118c0605482e
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
334
cf-polished
qual=85, origFmt=jpeg, origSize=112348
content-disposition
inline; filename="656996b555eee933.webp"
x-msg
resmio-server116
x-request-id
kNYe3gTk_s1PiGitxNllP
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:18:06 GMT
server
cloudflare
etag
W/"0ERS41hcIdR-dZMWyh7Q2FhrCYI3meJWS6qHG-F2OB0/RIjY1Njk5NmRmLTRkY2ZlIg"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f015f8ba9957-FRA
expires
Sun, 31 Dec 2023 08:18:06 GMT
656997f751f49761.jpg
icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/656997f751f49761.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecabf6dbf8b0fc70d6d9d8454de272143040e1eb704dde48731de99ba36d84b8
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
85
cf-polished
degrade=85, origSize=60897, status=webp_bigger
content-disposition
inline; filename="656997f751f49761.jpg"
x-msg
resmio-server116
x-request-id
iHTigfotsMVXlRREh2wcI
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:23:26 GMT
server
cloudflare
etag
W/"X-f4-N6ChSaAIQl_g2O_xZ7C3jK1oP44sYnVqm_fjiE/RIjY1Njk5ODIyLTU5YWZiIg"
x-resmio-cache
HIT
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
82e9f015f8bc9957-FRA
expires
Sun, 31 Dec 2023 08:23:26 GMT
config.js
s.ensonhaber.com/assets/js/lib/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/js/lib/config.js?v=5.3_854f0cf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9282d5ef118e11b4abfa56df1d3ee6583370b58a0042f77f5184b03560faa7ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
content-encoding
gzip
cf-cache-status
HIT
age
281551
cf-polished
origSize=8070
x-vtex-cache-status-nginx-thumbor
MISS
cf-bgj
minify
last-modified
Tue, 17 Oct 2023 02:20:52 GMT
server
cloudflare
etag
W/"1f86-652def84-72632ad12cd8d9f6;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
cf-ray
82e9f016bc2b373d-FRA
expires
Wed, 27 Nov 2024 02:11:37 GMT
splash.js
s.ensonhaber.com/assets/js/ads/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/js/ads/splash.js?v=5.3_854f0cf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ed170d4de33a423918b098ffeb9f8c89ec6ceb6b7916aa1556e123852ea202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
content-encoding
gzip
cf-cache-status
HIT
age
17833
cf-polished
origSize=5273
x-vtex-cache-status-nginx-thumbor
HIT
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 20:22:57 GMT
server
cloudflare
etag
W/"1499-655a6ea1-9e438742fe5615a7;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
cf-ray
82e9f016bc2a373d-FRA
expires
Wed, 27 Nov 2024 03:24:35 GMT
scrollbooster.min.js
s.ensonhaber.com/assets/plugins/scrollbooster/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/plugins/scrollbooster/scrollbooster.min.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1754822
content-length
3744
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Mon, 24 Apr 2023 13:24:08 GMT
server
cloudflare
etag
"340b-644682f8-33996e347c569589;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016bc29373d-FRA
expires
Sat, 09 Nov 2024 20:36:21 GMT
home.min.js
s.ensonhaber.com/assets/js/ 		204 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/js/home.min.js?v=5.3_854f0cf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f113d1a132cc49f5b3afca61a8fb4a05c9fb90efbca4fd66d9249fab206c62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
281560
content-length
58754
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sun, 19 Nov 2023 20:22:57 GMT
server
cloudflare
etag
"330ad-655a6ea1-57d559ad79989dc6;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016bc2d373d-FRA
expires
Wed, 27 Nov 2024 02:11:50 GMT
login.min.js
s.ensonhaber.com/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/js/login.min.js?v=5.3_854f0cf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74707ecacb51717158bbb7206f7bc42401e3f07f99c443ee2988b1867d93400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
281560
content-length
4413
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sun, 19 Nov 2023 20:22:57 GMT
server
cloudflare
etag
"3c63-655a6ea1-28d57f30cfaebf65;gz"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016bc27373d-FRA
expires
Wed, 27 Nov 2024 02:11:37 GMT
tracker1.js
cdn.p.analitik.bik.gov.tr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p.analitik.bik.gov.tr/tracker1.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-173.datapacket.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f087d2e739e1940bae65c7ad89ef73550fe5b6d2cfc3562f5fa68724aded0f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69634
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Dec 2023 08:25:08 GMT
search.svg
s.ensonhaber.com/assets/img/nav/ 		503 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/search.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
181699
content-length
288
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"1f7-639c9a83-7df830a54a0303c3;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc3a373d-FRA
expires
Wed, 27 Nov 2024 05:22:05 GMT
tv-live.svg
s.ensonhaber.com/assets/img/nav/ 		392 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/tv-live.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1572655
content-length
286
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"188-639c9a83-32710c5bc2f0f20f;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc40373d-FRA
expires
Thu, 31 Oct 2024 10:45:55 GMT
archive.svg
s.ensonhaber.com/assets/img/nav/ 		238 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/archive.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2677324
content-length
202
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"ee-639c9a83-18325224231ec6ac;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc3e373d-FRA
expires
Sat, 12 Oct 2024 11:57:23 GMT
theme-dark.svg
s.ensonhaber.com/assets/img/nav/ 		545 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/theme-dark.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1481361
content-length
321
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"221-639c9a83-d5d50ee83eb5dfb6;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc38373d-FRA
expires
Thu, 31 Oct 2024 05:32:43 GMT
notifications-off.svg
s.ensonhaber.com/assets/img/nav/ 		1 KB
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/notifications-off.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2606409
content-length
716
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Fri, 10 Mar 2023 13:24:25 GMT
server
cloudflare
etag
"573-640b2f89-b9e1aca0490ef169;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc3f373d-FRA
expires
Wed, 30 Oct 2024 07:15:58 GMT
user.svg
s.ensonhaber.com/assets/img/nav/ 		379 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/user.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1403520
content-length
260
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"17b-639c9a83-5a3c1594c91c1939;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016bc31373d-FRA
expires
Sat, 12 Oct 2024 11:57:23 GMT
flag.svg
s.ensonhaber.com/assets/img/nav/ 		664 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/flag.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2512140
content-length
397
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"298-639c9a83-2532c638c956b99e;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc3d373d-FRA
expires
Thu, 31 Oct 2024 08:29:49 GMT
truncated
/ 		295 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
hamburger.svg
s.ensonhaber.com/assets/img/nav/ 		141 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/hamburger.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
x-msg-05
fetch: save cache with 1M
content-encoding
gzip
cf-cache-status
HIT
age
110692
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
W/"8d-639c9a83-d5ea281d6f82c105;;;"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
cf-ray
82e9f016bc2f373d-FRA
expires
Wed, 30 Oct 2024 07:25:14 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
youtube-white.svg
s.ensonhaber.com/assets/img/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/youtube-white.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2616693
content-length
1754
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"f42-639c9a84-de402b8448af89b4;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc41373d-FRA
expires
Sat, 12 Oct 2024 11:57:22 GMT
youtube-player.svg
s.ensonhaber.com/assets/img/svg/ 		1 KB
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/youtube-player.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
104115
content-length
567
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"431-639c9a84-a968250828655b7a;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc43373d-FRA
expires
Tue, 12 Nov 2024 12:22:26 GMT
logo.svg
s.ensonhaber.com/assets/img/nav/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/nav/logo.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1832359
content-length
1038
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"801-639c9a83-2deb684a3979a6f;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc45373d-FRA
expires
Thu, 31 Oct 2024 02:20:48 GMT
telegram.svg
s.ensonhaber.com/assets/img/social/svg/ 		393 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/telegram.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1403682
content-length
277
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"189-639c9a84-96400f8900acc41e;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc46373d-FRA
expires
Thu, 07 Nov 2024 08:42:59 GMT
whatsapp.svg
s.ensonhaber.com/assets/img/social/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/whatsapp.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1572706
content-length
1108
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"acf-639c9a84-20f1ab362ceade15;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc4b373d-FRA
expires
Thu, 07 Nov 2024 04:01:37 GMT
youtube.svg
s.ensonhaber.com/assets/img/social/svg/ 		953 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/youtube.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1653819
content-length
423
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"3b9-639c9a84-92da1d82d3fbff6f;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc4d373d-FRA
expires
Sat, 12 Oct 2024 11:57:23 GMT
twitter-new.svg
s.ensonhaber.com/assets/img/social/svg/ 		1 KB
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/twitter-new.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575822b2804b6d5e6b6785e31411223f56a77e4c80d7588ea8a5d3ed06404700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2606409
content-length
615
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Wed, 06 Sep 2023 02:22:57 GMT
server
cloudflare
etag
"43c-64f7e281-6380c4d510f1dd93;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc50373d-FRA
expires
Thu, 31 Oct 2024 01:03:03 GMT
instagram.svg
s.ensonhaber.com/assets/img/social/svg/ 		2 KB
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/instagram.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1667399
content-length
737
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"853-639c9a84-13d92e1e1566001a;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc52373d-FRA
expires
Fri, 01 Nov 2024 05:25:20 GMT
facebook.svg
s.ensonhaber.com/assets/img/social/svg/ 		656 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/social/svg/facebook.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
97007
content-length
393
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"290-639c9a84-a482b1a13127354d;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cc53373d-FRA
expires
Thu, 31 Oct 2024 19:41:04 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
eshicons.ttf
s.ensonhaber.com/assets/fonts/eshicons/fonts/ 		23 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.ensonhaber.com/assets/fonts/eshicons/fonts/eshicons.ttf?ncw6hm
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9

Request headers

Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:08 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4685
content-length
12530
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:15 GMT
server
cloudflare
etag
"5a5c-639c9a83-56e91538b3845a0f;gz"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f016cd561c38-FRA
expires
Fri, 29 Nov 2024 05:24:55 GMT
borsaticker
www.ensonhaber.com/dynamic/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ensonhaber.com/dynamic/borsaticker
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN / PHP/8.0.25
Resource Hash
1328840860b4b87eb959dea24e913a4bf0a68c1117c8e2e7d1e2d18198e2f751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
server
MerlinCDN
age
17
x-midtier
de-fra-dp-s02
x-cache-status
HIT
x-litespeed-cache
hit
x-powered-by
PHP/8.0.25
content-type
text/html; charset=UTF-8
allow
GET, HEAD, POST
etag
W/"31836522-1701418585;;;"
x-edge
de-fra-dp-s03
cache-control
max-age=300
caching-type
litespeed
disc.svg
s.ensonhaber.com/assets/img/svg/ 		292 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/disc.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a938f8c9ca3e8f804e7a30a2dbe31f3e8e3903f7c419d20bd5d2bc268368b6a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1903022
content-length
191
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"124-639c9a84-d4e99acc2bbb8dd0;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f0176d0d373d-FRA
expires
Sat, 12 Oct 2024 11:57:22 GMT
istanbul.json
api-stg.ensonhaber.com/data/havadurumu/ 		3 KB
943 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-stg.ensonhaber.com/data/havadurumu/istanbul.json
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.25
Resource Hash
596b58883adb8e4a8849dca9654eaec8d2a22416ce3fd06eb7af97aebd433886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
cache-file
data___istanbul_saatlik_2023-12-01.json
cf-cache-status
HIT
age
41
x-powered-by
PHP/8.0.25
x-litespeed-cache
hit
content-length
532
server
cloudflare
etag
"441057-1701418910;gz"
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-server
api-srv-1
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
x-requested-with, origin, x-requested-with, content-type
cache3
out-of-memory
cf-ray
82e9f017cf1d19a0-FRA
loading-red.svg
www.ensonhaber.com/assets/img/svg/ 		1012 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
281455
etag
W/"3f4-639c9a84-c475a4ec4487325e;;;"
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
loading-red.svg
s.ensonhaber.com/assets/img/svg/ 		1012 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
91727
content-length
284
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"3f4-639c9a84-c475a4ec4487325e;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f0178d34373d-FRA
expires
Fri, 29 Nov 2024 03:51:07 GMT
6569907839e8a144.jpg
icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/6569907839e8a144.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84e6d30301cbe4a30801d17c0d7d04c974cfea0b092a71e545563a5441917b0
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
186
cf-polished
qual=85, origFmt=jpeg, origSize=34988
content-disposition
inline; filename="6569907839e8a144.webp"
x-msg
resmio-server116
x-request-id
xUXlVRiZiQu419xbagMND
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:20:15 GMT
server
cloudflare
etag
W/"Keg6xptRgfTtWHG2iTbaaiqmPwjKG1Jktnt9iiXiSrc/RIjY1Njk5MGEyLTZjM2E0Ig"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f0179aa49957-FRA
expires
Sun, 31 Dec 2023 08:20:15 GMT
6569970882a8d585.jpg
icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/6569970882a8d585.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31482a807201349a8714c2e3036907585f8f37a698afbb9ca7c0042b431b35c3
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
249
cf-polished
qual=85, origFmt=jpeg, origSize=41836
content-disposition
inline; filename="6569970882a8d585.webp"
x-msg
resmio-server116
x-request-id
UkCaa4U0xERW_uCMxg-Cl
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:19:30 GMT
server
cloudflare
etag
W/"Keg6xptRgfTtWHG2iTbaaiqmPwjKG1Jktnt9iiXiSrc/RIjY1Njk5NzMzLTJjNTFmIg"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f0179aaa9957-FRA
expires
Sun, 31 Dec 2023 08:19:30 GMT
6569904c0b727328.jpg
icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/6569904c0b727328.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be998be6dd2d82c7b9dc63aedc09f1e8e123734838486cf63f584b421f2d39b
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
1838
cf-polished
qual=85, origFmt=jpeg, origSize=64266
content-disposition
inline; filename="6569904c0b727328.webp"
x-msg
resmio-server116
x-request-id
9K2qevmgqCVJ4K3w0oLiN
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 07:53:10 GMT
server
cloudflare
etag
W/"Keg6xptRgfTtWHG2iTbaaiqmPwjKG1Jktnt9iiXiSrc/RIjY1Njk5MDc2LWI0YTAyIg"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f0179aae9957-FRA
expires
Sun, 31 Dec 2023 07:53:10 GMT
6569902d3a604740.jpg
icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/6569902d3a604740.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2bc09b81a009c9a8f1b37e7d0b55d0bbe051805a53fd6b84b28404e9adf8897
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
1974
cf-polished
degrade=85, origSize=60738, status=webp_bigger
content-disposition
inline; filename="6569902d3a604740.jpg"
x-msg
resmio-server116
x-request-id
3INZVtRsK5FceEyZzveT0
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 07:50:12 GMT
server
cloudflare
etag
W/"Keg6xptRgfTtWHG2iTbaaiqmPwjKG1Jktnt9iiXiSrc/RIjY1Njk5MDU3LTRmMTQ3Ig"
x-resmio-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
82e9f0179ab19957-FRA
expires
Sun, 31 Dec 2023 07:50:12 GMT
6569827a364e2872.jpg
icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/465x520/resimler/diger/kok/2023/12/01/6569827a364e2872.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a54f5996cb3b7c7b098d1ebc1677ac959b33c61856165a2f81bb3bb073f020
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
5590
cf-polished
qual=85, origFmt=jpeg, origSize=54670
content-disposition
inline; filename="6569827a364e2872.webp"
x-msg
resmio-server116
x-request-id
c5AHB3b8jQXF0ZbSfYyVU
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 06:51:45 GMT
server
cloudflare
etag
W/"Keg6xptRgfTtWHG2iTbaaiqmPwjKG1Jktnt9iiXiSrc/RIjY1Njk4MmE0LTMyMDk5Ig"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f0179ab49957-FRA
expires
Sun, 31 Dec 2023 06:51:45 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
583a10f9d0dda0fc52a22676914b9ed37bac133b2531c30655452cf377b084bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103727
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 08:25:09 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		150 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=4153
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f44fce82f3098c0f8088916772a9b9fd52e26748fe0276632a9387b16dac13

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
116
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400
content-length
44412
x-response-time
1ms
last-modified
Fri, 01 Dec 2023 08:23:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
82e9f017ffa95d80-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:16:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
36522
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138149
x-xss-protection
0
server
cafe
etag
11558412289700915514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Nov 2024 22:16:27 GMT
up-green.svg
s.ensonhaber.com/assets/img/svg/ 		764 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/up-green.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1903106
content-length
504
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Wed, 28 Dec 2022 15:09:42 GMT
server
cloudflare
etag
"2fc-63ac5c36-8edaee021ef5d882;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f017fda5373d-FRA
expires
Wed, 30 Oct 2024 11:22:00 GMT
bitexen.svg
s.ensonhaber.com/assets/img/svg/ 		9 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/bitexen.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1734684
content-length
7235
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
cloudflare
etag
"2559-639c9a84-eb01bfa43127277e;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f017fda6373d-FRA
expires
Thu, 07 Nov 2024 08:43:01 GMT
down-red.svg
s.ensonhaber.com/assets/img/svg/ 		735 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/down-red.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2013385
content-length
487
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Wed, 28 Dec 2022 15:09:42 GMT
server
cloudflare
etag
"2df-63ac5c36-bff6e9315efa01c9;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f017fda7373d-FRA
expires
Wed, 06 Nov 2024 23:26:31 GMT
crypto-currency-white.svg
s.ensonhaber.com/assets/img/svg/ 		777 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/svg/crypto-currency-white.svg
Requested by
Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.ensonhaber.com/assets/css/home.min.css?v=5.3_854f0cf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1983497
content-length
473
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Wed, 28 Dec 2022 15:09:42 GMT
server
cloudflare
etag
"309-63ac5c36-e35f449c24d92fc1;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f017fda8373d-FRA
expires
Wed, 30 Oct 2024 08:21:16 GMT
12.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 		2 KB
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/12.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
548b0cabeaa9e5c55e15b5867c4fee085797c9fba5e2fcc666edde7bcbf02571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
256049
etag
W/"7f0-639c9a84-50fda396cd1b8d9;;;"
x-midtier
de-fra-dp-s02
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
4.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/4.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
2df5e79fca419ec357ab909bc4b775580a5181fbd44449775d4eaa9b88654133

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
281513
etag
W/"81d-639c9a84-6e71dfd55ab3d608;;;"
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
3.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 		2 KB
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/3.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
555ed6cb3cb90591bf3def916ba208cafc830119b100866bfb7fa7fa2bf3fe9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
281455
etag
W/"693-639c9a84-2a8f67e15c27c2db;;;"
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
6.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/6.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
2e126140f908fe288b51b2b69ac970ee9daa6ccce1cb97235cd8d76908cb8196

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
281513
etag
W/"7d1-639c9a84-98c5a43576c67c70;;;"
x-midtier
de-fra-lea-s01
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
7.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 		660 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/7.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.102.219.172 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-102-219-172.datapacket.com
Software
MerlinCDN /
Resource Hash
ea7a657582d65aa1783672d99830e44ee628b90b8083f0882601ea3cac6c5436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
HTTP/2.0 Merlin CDN
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 16:19:16 GMT
server
MerlinCDN
age
270827
etag
W/"294-639c9a84-33f64d50b0af7ec0;;;"
x-midtier
nl-naw-ws-s08
x-cache-status
HIT
allow
GET, HEAD, POST
content-type
image/svg+xml
x-edge
de-fra-dp-s03
cache-control
max-age=31536000
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je3bt0v898969204z8898956436&_p=1701419108872&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=387768742.1701419109&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701419109&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=499
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/?random=1701419109186&cv=11&fst=1701419109186&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v898969204z8898956436&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&auid=1361652251.1701419109&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
892166f2b76359864825c6cdf11229dc21595a0d919ddfe0e2cae8eed7609fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
31c0ac46148b26b8ae9350990d85a51d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 02 Dec 2023 08:25:09 GMT
ingest.php
events.newsroom.bi/ 		50 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4153
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2262118106955386&correlator=754724009553255&eid=31079784%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=1&didk=4069353581&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701419109312&lmt=1701419109&adxs=315&adys=1227&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&psz=1600x7281&msz=1600x280&fws=4&ohw=1600&ga_vid=387768742.1701419109&ga_sid=1701419109&ga_hid=1768980302&ga_fc=true&a3p=EhcKCHJ0YmhvdXNlGO6W7aPCMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjulu2jwjFIAFICCGQ.&dlt=1701419108744&idt=469&adks=3495788682&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
649b3cde87ad9baec799a5b088cd2cec4d68b8868cbd91f6696b3ebe0c3b8367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47596
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2668 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1065653642/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1065653642/?random=1701419109186&cv=11&fst=1701417600000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v898969204z8898956436&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN2nwxd5LszYWCYSWijr8SLfqY4NgJsg&random=2265300741&rmt_tld=0&ipr=y
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1065653642/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1065653642/?random=1701419109186&cv=11&fst=1701417600000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v898969204z8898956436&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN2nwxd5LszYWCYSWijr8SLfqY4NgJsg&random=2265300741&rmt_tld=1&ipr=y
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 38F0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:08 GMT
server
Kestrel
server-processing-duration-in-ticks
286936
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 38F0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7z3Q0nxlYmV4T1J4MEFHZmZCVEViZzgrMzNQb3puelE4bDhUbHJBSDlDZ1dod0dkZUovekRzcDdJWjNhTHZNU3p5Yk1YU0JNS3F5M2krbGJaR1lRdjdHMU1XNTVCRlhQekMwVXJZc053MFlpRmFVS2pCN0g3SnozdUtJbD...
419 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=7z3Q0nxlYmV4T1J4MEFHZmZCVEViZzgrMzNQb3puelE4bDhUbHJBSDlDZ1dod0dkZUovekRzcDdJWjNhTHZNU3p5Yk1YU0JNS3F5M2krbGJaR1lRdjdHMU1XNTVCRlhQekMwVXJZc053MFlpRmFVS2pCN0g3SnozdUtJbDV6NEk3NVhYM2M3NnVXUER5OEV5UmtPTXZMbWl0S2t6Y05GY3ZMRDNrS3AyK3ZKQTE3Q2paakRYZWs5OEJHdVgyczk4Q2sxVWlrMnhuR1lwSlNCTFEyeElYT01GT2U2ZFV3OFlIUXJ2blo4bVl5cVZZd252SHI2NEhhVVlaNHZ2c1c0YjlmdHBLSmgzU1NzTy9PTTRHdW1MZWJzYms1eGhCUkk1aTB2MVJnSTBJVndrRE9DMD18&cppv=2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
01101a9e16410c658785cf02cef1cf585f629c7bec2f186ff14d88a5917a0c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1401681
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7z3Q0nxlYmV4T1J4MEFHZmZCVEViZzgrMzNQb3puelE4bDhUbHJBSDlDZ1dod0dkZUovekRzcDdJWjNhTHZNU3p5Yk1YU0JNS3F5M2krbGJaR1lRdjdHMU1XNTVCRlhQekMwVXJZc053MFlpRmFVS2pCN0g3SnozdUtJbDV6NEk3NVhYM2M3NnVXUER5OEV5UmtPTXZMbWl0S2t6Y05GY3ZMRDNrS3AyK3ZKQTE3Q2paakRYZWs5OEJHdVgyczk4Q2sxVWlrMnhuR1lwSlNCTFEyeElYT01GT2U2ZFV3OFlIUXJ2blo4bVl5cVZZd252SHI2NEhhVVlaNHZ2c1c0YjlmdHBLSmgzU1NzTy9PTTRHdW1MZWJzYms1eGhCUkk1aTB2MVJnSTBJVndrRE9DMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
310696
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		296 KB
90 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2262118106955386&correlator=1086730411957938&eid=31079784%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F3&prev_iu_szs=970x90%7C970x250%7C300x250%7C336x280%7C728x90%2C1x1&ifi=2&didk=1942439666~3991379447&sfv=1-0-40&ists=1&fas=0%2C8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701419109510&lmt=1701419109&adxs=315%2C-9&adys=280%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&psz=1600x7281%7C0x-1&msz=1600x280%7C0x-1&fws=4%2C2&ohw=1600%2C0&ga_vid=387768742.1701419109&ga_sid=1701419109&ga_hid=1768980302&ga_fc=true&a3p=EhcKCHJ0YmhvdXNlGNiX7aPCMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjulu2jwjFIAFICCGQ.&dlt=1701419108744&idt=469&adks=2226852388%2C2447352499&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba262a411917050efe3a8d72d08446dd5e9b532105c9268fa464af7befbc7502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92415
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		113 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2262118106955386&correlator=2323518072406011&eid=31079784%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cstickybottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=2849408439&sfv=1-0-40&ists=1&fas=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701419109514&lmt=1701419109&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=387768742.1701419109&ga_sid=1701419109&ga_hid=1768980302&ga_fc=true&a3p=EhcKCHJ0YmhvdXNlGNiX7aPCMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjulu2jwjFIAFICCGQ.&dlt=1701419108744&idt=469&adks=1364334729&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
215c28667055c88261d05e89d47bbd3eb1ad9c1be720e372cafcf0328b6d6866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47060
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		178 KB
58 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2262118106955386&correlator=3466791562555684&eid=31079784%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cpageskin%2Cpageskin_genel-sag&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=160x600%7C120x600%2C160x600%7C120x600&ifi=5&didk=827379079~827378804&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701419109517&lmt=1701419109&adxs=33%2C1407&adys=153%2C153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ensonhaber.com%2F&vis=1&psz=1194x-1%7C1194x-1&msz=300x-1%7C300x-1&fws=516%2C516&ohw=300%2C300&ga_vid=387768742.1701419109&ga_sid=1701419109&ga_hid=1768980302&ga_fc=true&a3p=EhcKCHJ0YmhvdXNlGNiX7aPCMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRjulu2jwjFIAFICCGQ.&dlt=1701419108744&idt=469&adks=549661912%2C2103359600&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5266b9481b658a49d04acaf818e3805171a1d85724d499e754c02166b4e51fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58985
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:47:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
38257
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13736
x-xss-protection
0
server
cafe
etag
9658267497644244280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Nov 2024 21:47:32 GMT
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 967B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8225 		624 B
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 967B 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Origin
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 16:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 16:17:22 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 967B 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 967B 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 967B 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
570001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 967B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6219 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 967B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 967B 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BU1goctzYgcXmbyMs6LtERD48enQLotbDTLc-1Oz88bHiZigEQATDjHrIqP-MqsE0KpA13czV30JY6kLM2xnG0uXFOD8bkN5rnGeiBLI7Xtk4JEk4
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 967B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGiKjMBzAwVMteWvPkF0k6jYoGGfztDetgKY7biMwHGLxs3XtYpLw7pxlNx4X0UCLY1nRU2R_jFE9qG6nwsXVKd4D3cw
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 967B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:09 GMT
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4530 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C785 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 8225
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
43 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQmuwa%2FqmigfgfJ0ZobZ6p0jEfIFVnaYpyriz9PdAhT%2B0qiNF9xaafBDoSQrS0LC0r4wdfCt4JpoSIIgmyamiORlnqwvaZ4DgfT3t1EaxZeYTUp6oqvVcvHd%2FOvTt8mJUXE4PhuQiWj%2FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f01e0aef5c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8225
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf49yFXpols4iAKlSsFzK4RTnr8QztMl1OUa%2FnzPUzzDfAcCrkFQDcNeer2WQ71rXOG84ILUpc%2BMesbiqLLEr9Qxu3DphzaYt1LiHpX6ym%2BubdiMI9WT882%2BPsOUWIp5hUb4YhhDMQjOyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f01e4b285c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8225
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
f07dd6da-6d80-4e38-96dc-fac191ec289a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8225
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNU8G87sRl4tIdZ9ocb8VQzi3fw8hrcKp62jWrsrfEkKjLEqwjIEt9mWzY8qwvMr6LkoHcp91azjvXwIBJU42_efHLlU4qVA808t4z5W50RPOROTqiTuB4HpNwlM1XNkeuDSSZa62Hnr3tn-F7FhWVK0FL0HvKGh8abSNKr2S881sGbC6gO6VbI2lmtbkGlvbTdcn-jW
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
7b8f6e4f-2721-482e-b086-cbc2c02d05de
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9657 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4530 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Origin
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 4530 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 4530 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4530 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
570002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4530 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D4D4 		1 KB
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 4530 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4530 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5pb-zNR-0qRBpRUVs_6jTmM3eXMeaT0nJ4rErRZm6yFdNO6aUzhH5Mtr8-4BpgM407YSOSHHhiIwtspKHMysFV-PSYCj8JPXfbwcm9mkoZ0Jq0Sc
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 4530 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFC3KB0EonvXH8ri65cHmYN0bbrJYCir0j5KUtJAohENcNRziVcQwwk9TAgGkKYvmxfJPh_RIncNhpMpQt7cdnOWLr-g
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4530 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 046C 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C785 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame C785 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
view
ad.doubleclick.net/pcs/ Frame C785 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssYUP-dWmLFbusR9LJmQCWNc4n9f2DFFuZG0Dk2UoV6_oi8lICUky2kcc0N-niKzD2mi7iveMq36ZJgrlUaDaiCaBpKn43gTtEseiL8V21AyIDPA8Zt_y26KaP-7QxyLbEcD7m-ewdeWTYeZjplDOws5Or2Zeg3CzoU5mJkohBusy8KplGTIjw-UmbvHIIWwOMyR02w3lv_aDxaVBiLrPbLsyo-Me_MnTEQJR6L3Fi8IcHqb-IDrteELVb5lqBvW_pbNlkA9lYn4uw30_3Et9BiJJkIa7HrWiRFemTSCc7dEb3yrsKfVFOiT6eK0YQCMA4yT29z28N78zNpBjsBKlsxnODrvBXZpfb4kvYsqyrrxRHcPXsmn_rcSYwDN2DTg6jkY0tspIVmt4-U4FLSS2qYsy6cLeJajjXjoryWN3egOsmmn1PAHW4RAr5LQVLPgf-Q70J6M3n3zRjGuTE24lZ-ERVGd9GPv5qi5QzToGw7ulVSSLEAad-1SXTSlpTdZVWs0e_wh6Q2MiYUWbJxnP7EPhgPa2Y-t-KlA4J6Y6nH8vp1ry7u6oDh6AKswflNl0q7VOA-Cq09KQBRsyl3sALAF4MQmzZx-t7VfQeKiWEp-26RDWJsawkLTNRggTtlCz-F2b9gKUhfUOGVZ-HFVs4S_4jApQM2FSKeHimv4M70bvDmwwMkt7ccuQKZFUx_MFXGdasBcT2t1-1iNSn_0hqBdS04L8TTQwMdvfDadngri4jTo66Tsw2k6dPV4V_bCUvPpYMKQXZPqszGZzGkfiQjbAZd0k_bSBNqLyz8xhET8rRXFJKceBsDH6vmydSeEAWe1IJ3pCJ61kseSPiAgxegb___xTiVhIamoy4tKDw61ZV4mr6XabwRA_9Ta_7ISk22e9ODuw4yz2JJiQlTCBy5QhidyYEpYssnHEXHnwmZCfhspCUvI6gge5zvn__GpppPLyltsm1NHqfUQAp2osSIAQJq9agWV-H2hRwMlMuI7eNwh8bAH3LgH8e5d9eC5NAOf9n-26G0LRE8pBmGlqs2d8f1wmJa42LBIpWMcgVYzd2qRJhA9ZCDvva6ZQWQ0vZNyLxYjDUbSo5RD7lWUnPTy0KbK7fy-gzmTLevTICqUqXmw2v3q6VsfnfE5L3IXwCokGfx8xGQUo28mTu3v_qVLkolfKIw9ZQfiJnxpPRl1TLDSIXPul_LKlwYXE73TdGNDt4F0ZkosAZ4GD98MNERoZQ5zs0SghNH4t-8K_39DrVSN-PNUpMCHiDNB7VrB9X-Yq6J-811hrsXz9nUYCIbJtjRLi346fp27CzAAvUC_QLssHwxg5FVYptcncqZ5XcuIZNbZv_FbLvXh93k_h3l23-en0U1r0JxdcHyz42Y0l-mUGgLp_aY6BvJRJENl2Va8jWb9mELi5L8hi27xe1vkSgSzw6Bir5z9YoLw_fQlZspIUqz1m05IAfYRgrderGAZy8Dm3AppLKjFGJ2uygMUwQJQ00gvm7L2PdzF-Gj13LwDUdIYx5X&sai=AMfl-YR7iU0mwfpkJDOoqKArXvWnyAJOV3yBX-TQ9flZCJkBAfCKngUmAZ8UpbMD46PYOCPlj7w8dLIh4kBA09OBIf8cdGopbMMVhrk-9EJTOHrQoIHKT10_o3oZhI47BQqVUCXnX3DTwoix8rhpqOxeE8Z-oFlh8JzByJKVVBggI6SsNzlY1YrQsFFEiyZfMrgwFwHoJy7uTDMiFpANqOxy7t5ILiIu89t1TpmPFPn-ONRVidlYVs4z2fSEYzCprB6LFmRnvzLOVCFg452LoNRoHmvuzbjbQ8WCGI14D30fEWUOFDkEfPMGAXP-sz1Xt-YNHC_xtKY7kGAYP9t0eL3QzJEuq3nuOkpUdDP2wldK0YCVFJk7pMULVYKoq8KPpvuwzk8-Zrq8qfEhqe4G31aTisShvzkLsPwhYfyREIsEazwqZGGWt74S068lJcdkYXUw&sig=Cg0ArKJSzKV0D3xqCLvdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20231129.66225&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C785 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
570002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C785 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 083C 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C785 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C785 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1_mRVgIKAR1Z4q4stcs-Ri9VTlzX5k7K14azKBZVCiADHjRVLDqm9gyoy-rUIO0FkbskOzzLVJeMqBtjm7QQIudkbZd2-s7wuqzrGw_anFtt7yZw
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame C785 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTnMw15Y1jNT7DdSxFVO9nS7VYjxFxKPlfXf7zugnfMwiU_pLchbu5iLbnIuyJ7spwsGbzHazumDIAeP9YzDPRkMroSA
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C785 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:10 GMT
15554987764050598044
s0.2mdn.net/simgad/ Frame C785 		419 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15554987764050598044
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf294349d070c4ba6a83aa927d51ff121273a919dcdd2424bdd09a1f5b1bba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:04:24 GMT
x-content-type-options
nosniff
age
138046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
428854
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 13:44:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 18:04:24 GMT
i.match
s.tribalfusion.com/z/ Frame 6219
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxd...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e9f01f8fcf4db7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
829
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO-alVYipvnRXl7OzGqH_Qk&google_cver=1&google_push=AXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ72NlsrUVP_b3l9FOOP60NgPipEwm5SdkiQrv8Lh6PcG8tddO3M4ZVyYMNo-NzyVaZMoS4EOy73ROOwebp5hTUyFM2xxdj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82e9f01e0db94db7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 6219 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOuKZSDktY4v5uy2bmOIPGA&google_cver=1&google_push=AXcoOmRXU5xhcKePXZAxnnVBXee97CV0VaJypCahCuffLtX-QaJT9nIkIOsboBNl8RMZjAGXwbjyTfBsDm4SuB0XizvRcGOcz1yZ
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
us
sync.go.sonobi.com/ Frame 6219 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmSzk3sm_ROHVBCLTG2UHxnyBfuJC3y3I2EpE6be02OyTdYK9K_cAIAach25zWREz2I-oyGh9ewO0U5YUTdBVrJvGLOc5OYy%26google_hm%3D%5BUID%5D&google_gid=CAESEKpR0WNsof8OlAyr9cSo6k0&google_cver=1
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-212
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
-
s.ad.smaato.net/c/n/// Frame 6219 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELyumcX9-3AnF-bhIv3_Tgw&google_cver=1&google_push=AXcoOmTlZslZf0IoGpn3pWUgY1kPiJUiUpcXMoh7kb5m0N3VHhRlDno4sBSieRXYTFt7whijrnL5lFJgWY8Hbhwx8Nkq4C_qzNRJ
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, must-revalidate
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
3EeAbNzk6WDD606zP1fBTTnFP7bz2tnt3S2UBZayT1cJJ93u2XPbpA==
x-cache
Miss from cloudfront
/
onetag-sys.com/match/ Frame 6219
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ2h_--8e15mPJjhuSKLk9k&google_cver=1&google_push=AXcoOmR3YoGvqknQORaD21DYxJrd9wP1i1Rrgm-35SxnQ4NfBCi9iOgg7EC7ScgsK3BSGigb9VwJdFEq8Ig...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR3YoGvqknQORaD21DYxJrd9wP1i1Rrgm-35SxnQ4NfBCi9iOgg7EC7ScgsK3BSGigb9VwJdFEq8IgzYrxy_HxaBYjpNL0U
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6219
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEMwF165w4H_HcCd-OIugjdI%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxK...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxKYIn9bCpNcy4yebTx-hTrBTnGSiTdfiB8b4YZx2JdAzZrDhLDFaJ2mfmgur1GSx-gom3w
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
1c3f88b5-1623-4ab8-a749-a2b36c536362
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D&google_gid=CAESEMwF165w4H_HcCd-OIugjdI&google_cver=1&google_push=AXcoOmSRu0cDfFgD3gVFc5V-rTugtcENxKYIn9bCpNcy4yebTx-hTrBTnGSiTdfiB8b4YZx2JdAzZrDhLDFaJ2mfmgur1GSx-gom3w
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6219
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEObY-YpRmgqUoBo2PAemIxM&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEObY-YpRmgqUoBo2PAemIxM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTo0MUuMveIo85MbUXy85Ol9soIvXIpX3-CZO6Ysk9k4jFK67jpwIVIUDjVPdkl8L6mGi_mj8rwJnDUI15Vds8-0nmaRc44BQ&gdpr=${GDPR}
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEObY-YpRmgqUoBo2PAemIxM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTo0MUuMveIo85MbUXy85Ol9soIvXIpX3-CZO6Ysk9k4jFK67jpwIVIUDjVPdkl8L6mGi_mj8rwJnDUI15Vds8-0nmaRc44BQ&gdpr=${GDPR}
date
Fri, 01 Dec 2023 08:25:10 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6219 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrBTjeULAd4MRCA4mz-bovGBXdJV7Ri102BQhofg6srb2S-w9E4M9D8RpUaPzLZC3KS3_tsDDk
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 967B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3fcb145e00de798e8976d93f6a311404b3ea28d209d7d96c89e7310612f8841

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9D6C 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNXVeynM3NIUk_P8xNA4Noq04I0s9yZ8uuUqSi3ri3McAsA3izbWk4qHkCTI0MAcafK-gayZKsyJcQiw_ACCq6_dtetDOOeqeyXa3e3GL_Nm5GOs9XZ7yfpJTYzlz6l-booet20dAcvatfwcS-UvIySHW4vV2BOTys3eJTOVaMCxU_ouhGDvbksVRymecmWWgIXOEmm8
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
15554987764050598044
s0.2mdn.net/simgad/ Frame 54F5 		419 KB
419 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15554987764050598044
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf294349d070c4ba6a83aa927d51ff121273a919dcdd2424bdd09a1f5b1bba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:04:24 GMT
x-content-type-options
nosniff
age
138046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
428854
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 13:44:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Nov 2024 18:04:24 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 54F5 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 54F5 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
view
ad.doubleclick.net/pcs/ Frame 54F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssKqLlEKqPeNv9exZgIQ3bzW7LHYZRaFVj0f-7RZRs6UQLkJxJ-RJc9E0ajC_dVDCuJdAnJ0FHsNzRaQUagL6SPEh80PhfVJfOHBIPGeYfr4j-FQTwGbJrUkd88wKMzJElAMsLWIKOwIv2ihpaIF2ai5w-fbEQAn7K7jYHGFk2b79XsDZr_pU1tSYNXJpsLwSmHCu-FhFAD6LAV307ECIf5WLJV_eMaZQ5LiCk1gg-4K5juTdYaG3rJzMXY9mib1M8lM7lTPYDqm9AIdQTksVhUHtDlApIsjeVwNDW5NyV3bLNzhlC8x9xOZ9ads0AGOsXMz6havJEyH_rPgrkyFdV6gojzuEtEbPmPo8Oy-2PrHcJQeIIVymEAK3Pb08X-HfUJ0WdBC7mBYtMqSgOxpLOl2bYUBdjXy5OCimm0r3fGEMdWjDcQbBrrj_qDtYUkDFwf0L5yByLjWZVpX_peZj0dKJdwprGW_MGlA955uiQ3cl60YjSWG0o_VwChxwp6eEgdroNJvLCegsyc_pQLG1pv2JY2VV-XJ6iG6Jzo2H9dMWcWb98a2zyuVPU5Cn040bt8CeH8cvtTwavqYeSLpaIB6PgLD-AKMweTrfYDnvsKBzLhpWBXdjQeM32S_M26VchnUh6REE4Z5fUicdoWMR996Hsmv2reM2syumha-2XGDhE9ir1U3hhKAq5VL9C-1mfW4BSquNFpHhY7ixIsbIFI0FRBshsM777N_DqmdW-HJpcNXER56Ke6SPd12ji8CPeyd2ERntFoZfe2QZuzAC4GvOm5ZMgIX7lRzC5VVQIvg0FJGRY203GCEtsyDAvJVUqXflX8FijUwVUT80S1jSms4QrvOSXHBjx1NAe_BiJdqZUwNndyszPAGf5mmT6RvpLBOCqusGiKdEWXBCUltWsA-kXOu6Te3esif3a-c0qOAYfHQUkXCftKSw3lByoq4-bO22jLX7y_85_Zw6xzyKx22zMiHKJI3RpfqE06kOf7wyiq1fniYWwYcy9CYZtbskfZWWpHj81yRPTymhnAW_2ChQCVhoa5dsUF0sMUxl00LKUXZBILw1Hpsvu_kq2set95sCug_IUfkFM15oT35LXlz-vgvMqDP006026lP6570Fl9Fa0fc12ERHvNDh1jr56cz9wQzI-NGFHTo6GrmuQ709s1Eg7UuRcfV_URlDjVJANmSgpT67aKZRL9zddIqDczl_Y67-w1N-y9ZHoKjlET6okTSBrZgB23XDB-PQlFd7-bfzgs_XRi_jsTUpC1AA7j-P1MOgjCzs4Gy9Erf_N6h10Y_f2bN5EYzXls5I-rqClUhrSK5cMMhrS3AbvLLTDNHXYV2yV3r-WeUNozUNrXvqgSdxztEmKVe4fulSQMv5dC8YX6Njw3DCV5WC4lpZCdpGNK_Xz-Y5djar9oMFm3Nq90NEQczufynUDMqRCHevglSID70itr9y1-tehqOAXJciiEwv26U_6WzL66Hl5MlkrRLKpM-RdoHhSmx3JFg_SzKB_0KHoJcHrM0g&sai=AMfl-YTkPxiz6HeScPyf1iuAEndUG8aLggj70ZFoWFSW-P2NkPEQP7WunQObQz5mGcy9Vvrw5CW7Vwo25nzMJqm7Ku6ehEoX0EvIH8-cQM3t_87Xhn6WWxIoh3_wFelkR3Du4ahwPL70XGLAuTBi240PQEZxlzzjpcREh2ue5B-06XSudiU8qDBiu4c0GH4WvUnLKOpQ1YpG9TXiziYjvIHRFe9kK_GXMi1q5DyE6tarEephu3cYofa6lRPHi-6Ug46TRBNPT_mV61RGSMPrNU5sosk-0N9KV-HLtQhZLup5w_2TnubAuyNMmDi3yYZlrVUgEByuHvvdnSObubEfsbrzyBD3JsC4dDOIqIy5dXHx6gBNgkf93uG4uWhex_kvAXaK5fugEK1KElNAv4SxpsA34eTOlDzHTZ5srehUzsY1GQ34OuQBDENMJgSdn4KQxQLR&sig=Cg0ArKJSzL3_YvLHdlDWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.40019&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 54F5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
570002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 54F5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 564E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 54F5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 54F5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2FZA0gN9BppYRNoGzIWNu0GzQEq7K3s-eg4m-XJHEQYvpAKe8h_Fzlv34neuEDy6xABOqp3TAz70tzoee-qYj11EGAykHAPvMpsLU3093QrlWc7c
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 54F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8f0cz0EzwzTv0IAHIFGdnwC9EkAolzHLqr3YW1r2HswB3x5IkOD6qEoV3VjY44-hSsMg59LT1W0IXWvk4K6CABk3VBA
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 54F5 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:10 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1B13 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
450390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6339 		133 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:10 GMT
expires
Sat, 30 Nov 2024 08:25:10 GMT
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 967B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuEiFdkJnMpDiN8diktlk9sKAUq49X5xnbOXYjiQM30oZEr4SEkS_0eujHGjFsgHQxsGPDpkb3pqW5DJbbGJ3GzBdASSdAPM-isxKQll9vfIinnZtFac4LsUHhHE2gZuMbkq0-c85HHASfV_RJnIw41Lj7gxZVzXGKCeBhfeIU7rkSA8SLGHfmji-8fhfjhOpnDrTZle5dzQb84u_hQMkhkK78hP76eyZX4kpZLP-WLB7NYeLCz3Y5QTfTx_KCm6YcMdfrvg76q-HHPXUnnQXK_TyL37RgruVHzL73gnBQYh9mwvGjkmOaTXUhVOx0Y5Tcz51dEO5VkQVTluLtJtj903k94mVBmEUCnsZ_T1QKqFZS8xEolLikWIg6B3nXC6s11VRL8lSAmoWS8UPDiIg66E5yx0w3D099F5L_zG6spgyUrWDGdRafGnNP3GKKQTXpRBHpMrIq20wHzMlI8zkGb8yE4YD-597uR78NOyy15cClLfSLwBmSw_q6vccN8Me4EN_AGJU9YXly5qjOXTaWaXFGPo9b01mQcpPDzO4cd7rylff_rJ5EF1zn7hEORxbECbSaJYqI3qBwiQHMHi-SMMnjnBNvQEuzl_6n-vG05VAdcTKp16p0pmR4qlxlovCuz_Up-wIDCq8-e_s7-qRYtz7t1iPoflHv2A4S6VEb9GcVZ2zTh74pGjFsrQ_mb04-ns5hs7009Y2jhgA4v9JBPxOPS3gfYEPGSrI37NGxGJR33Laq_SiVAULEK2pNyN4opn5yOnDZ9YS5IHwDG5kIrz7EaCkTenz41h44TcYO0pUKUKZdw9Fx0OweFskpubFxpAhHrQ6lZ-S8KTUi3yZ_eTVP0eqIwl-1xCUevCf-Cn5TEFHyui9669y1qd-l-2PXH0FY64-rKTDKNIjBhwLn7YUPwDCHn3K9bMpjnoR5rHPl7hBqpm4NoPywuV3ofS7uGmtQlb5_cxJdbbqq5_qck2SlRHdEMY35Q-4GqXADwqvSct8kbg81ed2YmIiD0cYmn3BcBN8VDMIcLaixV2z00ElRQ8tul-efw88Ua6n5XDqXLY2Vgm6yvlWfNgcGTU1fFiRK1ANmkb5iJ6HnMfuDP2uxMglaFEyYw4kNSYnsKspG__HHppN9F_AHepDm9uVjZfZrMjsADXpPjssYMk9dgkhclcbqYNgpPpW1fZpjcLiTUQ1yKguvmkMrU_feuut4-HsZOfxshc1xtv3_dgQ4OJm5LRvQ3cWCuU5iEFqIuSDhcJWbaxxIIyc3HJNp_FD59fQZ4sXHzMZkJ6zU5nV5t-CvrQCjneQBjoBQt8Q3y-EItN4qXXtO2ebfz832SABq7grQCoMMXsyfevus0WSK42G1BSq1KckhhTyCdXtiH_4iNoABxphOymxRIRo7FYnjvQshdNfV6atzR4i3dw31zWf_qlEK1VeU2SID5Cd2S5B-Vgu9M-8e1M17Tsk9pABbFK_BGVWKhpUa-&sai=AMfl-YSET_btKSIqL7tovVcfibdCBzRTITFrJDK5UBLVFd-WhWXV5Wqrz9C8ZtJJjxooioPNEo2JkdOVX6H-z317clr40I_M9_MGVkr79q1vUU1TY0epUt0NFEt5XDju9FWhOHJI7lJ1kjmwZ2HiO75cCzJLExBHfR3QwVTPpJyKsuVid7wviQou5aOl2gRRLB27rK66rayyPdsgdbq5IOHXTld_mSadUhinpSslAp-EW11KZx5SdwvDQacAUi3iz3M3tXshvnxOMgb1n6ctfXq2ZGFX9XqDNz3nw4hPTZJvEgs9_4xDdiEdyekHR9DyfRwY9ptLaEY3f0C1ww2Aut-gRGFvgYjrBt9R7NXelAz9--Ac78kULsWfp__DwkmH6FDvn7uN3L7Xny8s_456THyB5e2mngwYTySs39Qz8rbQDnis&sig=Cg0ArKJSzHVJwSkh1IH9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=294&cisv=r20231129.73901&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9657
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwTSTPSNzV9QzY5PdiSOqvcpzsQMEZ2y%2F1oNitbXBLWvl4fd0oTcyDYNbwlLsJOZpOiAmEA2CWGsZj2vKm0PVk%2Fb4ChACmphmWPNCF42CstDv4QjQoTTb2MYF0HlGGf%2F3CUdILVl2v3ncQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f01f4c595c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE2pHaPHZPVtMUL7-xmctcM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9657
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcAZy3ZWyExjLMFUR92yLKY9btwNzYw66Z2TELW4wHXuYsnRNdifBy%2FXn3BDOYOsQvhbeZQNf7JF460r7Ml3cze3pb1nXCFLcTts9%2F%2F3vV0BF6YDQqJXXw%2BnsMplbbyS8M1BC9mkLm5b4g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f01fbcec5c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9657
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
43 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
efb70878-283c-4bfb-8ae7-262ebb241e1c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKyvVV8dDQhzabUzMm5X46s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9657
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNVoBq0jzk2kXpn6Wqid6c9FKz7SMeW4ZH2D9-Dz6ZLuxNNMlfi4D27zCObJjDpj7spcB0BaSzu8b2dMuUbgrGRGk8RQunfgUeSsSTXxFPB0KF1qSfALk9SbKPve0v-KJ-stS_H5Tg8qLtXxui2lYXbQVghmap27zAtjy8UD5hCcvQqD4dC-aZmYerqGPPcpZU0NhZ1k
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
16bd1437-0888-42b9-bab2-6619e503e340
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 046C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBsQ3UqWL8S_cIH68JOdyXA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBsQ3UqWL8S_cIH68JOdyXA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBsQ3UqWL8S_cIH68JOdyXA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 046C 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 046C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHHbfuLItXiAVh4SkX7cvA0&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHHbfuLItXiAVh4SkX7cvA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 08:25:10 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHHbfuLItXiAVh4SkX7cvA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 046C 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNVK6dHtMmStQ43ZqOHzMA4jMloGnITjf5nXYwCmsdqwRA84HrRdxOJKiqSpiD1iOoufk0_MLe8KVc-X-cuyPU32HF7JQEGu4AbKxS9CF5hQu1xOlgY63jUY9IYHZ1-zsWicrI7U_kI1l_OGNbSy6Yzp5T7KpzgqwT4TjH96iL2n1aWMRZRermo2SpthdryAYScqi2CG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 08:25:10 GMT
pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
index.html
s0.2mdn.net/sadbundle/15611472666643398656/ Frame 9A9F 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a908ce2d7b4e2dd9efeb3ee51a66beb39b7ee38fd9b2ba0969ba95a69ee1271
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
79545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18358
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 10:19:25 GMT
expires
Fri, 29 Nov 2024 10:19:25 GMT
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 4530 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss1sKFDq_RJGU6jBJE4W2GNv5I480ioznT3C4S4CqhN9q-HuO9YKbKNggiiamzGs4IJ-3d0glB_abVM6erQmc8Z9mYjANBjlR00ywj9I7tnJGplekLJriqUXk8YbWD6z96EkHLpPPauFtCI2NflkWpWPTq5cZZnMLFufMzYd2-QhP5hk44VAfNMGIPbipNW4mkrlkBxAtmvZ3wFfnTpJyxFegV8YWsSuoEZjauI9CxtmPchGP80Pae3XV_F9w0OTYR4e_5UbTI_awBROsng9iZDS6naLGlCXlL1Sd_vw5BDpzbYU3LtKboRXA6RUEWYTMZFwrecgWNXGyesMP0698AnAiEhiMSiCVRguXzGmURJyeF8VL-ZBSVb_uSKCO5TCZwGt4Ly1ce_ETqpCFy3LgtGKKLGQjrSFt-422_LeWnU7QJHdpgvx2EfKuVR5X8p6_UBTSuRHuM5sXTKq2bX39HmDpn0tPvS3D0IV8_2YCuyMo5LmzyRlm3_HMw8NofhwF-WOGzaeS0F0HxYMv9UPtBVfskrOiQ4GJ_y37rU3fgfzc8kG8ZJPDAgeJOBZh1GYkrRyA4-rGjVpdwWyGcCTbN_txMRwz-qUw6D6rK_TmIJJPHuwbqeBhJ3JGezGsmVA5XXCDIdFgtYwLHo7lU5aE0YGL9aeBuQHxyx5awjJqzGRYl2VJcW_ZQLHUvoTTO-u_m1ipVEyEsQe8ZxisQ4Pm9VOCSSo8HnosQ1zXS7gRYRr6zjfeFCxonfng1mTQVrCyKAREgZI9vkN4S0i8SExGewe_OB1HETYkVO8boeEBYcQKXClaHhhCbNa2VWdVjv16p7l8x8QOXbaUwXmrbdO6anCvuEwAlDBlUvyeBGxK2PrNQY2OanwqRtcLU4KDjgAq9mFiMH7M6VCWpn2vGVZ1voBTGIExcPQrRUqBl-lMGTRdJSu2UWFmdIqZx_dKYOSt71MWCYkXh5KGiQAmbS5qUwCh43xZavk8LyLzigMqDS7vGG1o3i9GjMt_jbr9UhTv70_Bo7q9QHrp4D60eeCrw9myH_Jj5MEkoRhcqVBMKqv7ysB9grkmGVEdpe18cpQx8D8jddH9-o3rnByHG8IOhZ98rJed_viHY_cfFviDvUARpfei_oPPeRU9qYlJ369JDWlws0lK06Z_fIyINZEFx_ORDLfsgKyXtFv251-xj_isEio9xtLZJTIZDY9h0cc-mKu7D8t9OhIKgQYgiLtQcz8ytWmaMiPLEbaAJ4Gp9P-PEhtURs0GUtrJgDV6GUMCJnb4ssD7N_Ci0Pt4YLvlTygPimNIjb-dZwTOZADmzJrU4YBllhFzT0Kb5L3kVjNppFZIazP3Ovzqzw4PQlkRJC4yCr7r7BBc720umi2mv423slqwoBPaDOOEhE0BKVRtZnzXCdWRtLgh341NpB0hfG9560sKWMBe7Elz5JpAjNOTcApkMXQTHK45lb_UfI-g&sai=AMfl-YQo7Rbgte5CTqsQui8pXAFEex_5l08_q-cqSBHJNm_OK8xdDUqMLimvWV8pAaBSKQSvlC3Y-VxR701j9ILofAPxpE54pn37LrT985BhJ-xa9WhoyX2Mq1QZbxdLn-FfpV4Pc09Rh2kMyA6Kym4ZMNKEzqjpyU0LwJmNaA1StXAG5s-tegYCA3Ui5uV70ZvDPmKNfVYCzzqH9ydgtR1mJxYF9z_ZlhjAxh7dM0ie-FC8P3_HWJ79cJl9PP5PvlLURhqBVdDE6apLKM_bh16oih3Qq_-cl-vMG2Gwmd7QJJRBuCMwZ7GTvEIy4PPYg8J6MVrwt9BBGi7rp-IcpqD7DGzX4yyPQfkDSfmtgu4wVmO-2pwLuKzq8Ys_pa-iYo5zvSbrGnTvUxW1ISsai-Aouv7mY_KECnkoQw_IeIZ8&sig=Cg0ArKJSzMpX0g77YdL_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=172&cbvp=1&cstd=170&cisv=r20231129.12523&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263KB7Sx8bVpU_BcwlR_Df-dvyqNy6YQYmTHkf9Y9C67BULuhYqWOIlOSA
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 08:25:09 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEMSH08lCt6qwj8eS2QAYmFs&google_cver=1&google_push=AXcoOmQkTQghcB9snlu_-2GSKe6uaYEhtY7Gh6cEvGCh263KB7Sx8bVpU_BcwlR_Df-dvyqNy6YQYmTHkf9Y9C67BULuhYqWOIlOSA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEK0-Vdn0F16fpSx3LgqKC5Y&google_cver=1&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oK2iafl4QP83prxzWJllCQ&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGpn6qbL7t4xJHvVQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oK2iafl4QP83prxzWJllCQ&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGpn6qbL7t4xJHvVQ
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 08:25:10 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=oK2iafl4QP83prxzWJllCQ&google_push=AXcoOmS5TXPrPmP_KV-y6cB4TENTE5c6Xi5uWP9V4nfAm1jplncJYULi_QlBOeAzipYapqLUDVHaW2FMz_XeEmGpn6qbL7t4xJHvVQ
x-host
tde-deliveryengine-production-6987bbc57b-fk8qg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE5rPg9aYGpPyCXkAxcVVd8&google_cver=1&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoN...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE5rPg9aYGpPyCXkAxcVVd8&google_cver=1&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MjcwMTQ5MDg1MDQ2MjA4NA&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MjcwMTQ5MDg1MDQ2MjA4NA&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoNFxG1G9PZchG_Pu4y8K2haw
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA1MjcwMTQ5MDg1MDQ2MjA4NA&google_push=AXcoOmSZlrvF9n5SaZH3VIHIHHd-sUH9E5JQ3I92ZSEdfNbtcTk1n5FYBihFcEmgVNx_VfohSr_qJCoNFxG1G9PZchG_Pu4y8K2haw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENh5KpNWQFCg6BcYyV8EfV0&google_cver=1&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCUkQtVS1KRDZQ&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWkMrdtQQqPClY_Mvr_OykIVqhnN8g
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCUkQtVS1KRDZQ&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWkMrdtQQqPClY_Mvr_OykIVqhnN8g
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCUkQtVS1KRDZQ&google_push=AXcoOmSvTo9CIGvHHe1yNEEhgp699GqW2mDdgI94mc242yCd2F1stKdYLhqVeUFvjhVjxidQZWkMrdtQQqPClY_Mvr_OykIVqhnN8g
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH8USObQWm1d79OHHjC2Px8&google_cver=1&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5za...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmS-rKYdiafPgkOdYKHpcrFcRzL8fTuEEPHdAmmjabgxT-cFCZDnlvyW55sY2WOMKlp8IED-ywvJqXv83mRGidouaJSn5zaP
date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame D4D4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAIGdvaEB8F2qSPO2uz1FqY&google_cver=1&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew&google_hm=WldtWVpzQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew&google_hm=WldtWVpzQ284WVVBQUF2M3ZvMEFBQUFB
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 01 Dec 2023 08:25:10 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEAIGdvaEB8F2qSPO2uz1FqY&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZWmYZsCo8YUAAAv3vo0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40382"}
X-SO-Key
ZWmYZsCo8YUAAAv3vo0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40382
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTrGWJJWIV67GA-mp6jrM9rEf3fzH4Rh7A-8WVMnXCQYfpX8MSylEyiUsTTjh6jxlEFCExM-BxO3YcysTNauFW1LljqflWsew&google_hm=WldtWVpzQ284WVVBQUF2M3ZvMEFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40382.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
37.58.57.5
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame D4D4 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEFmTJmnLKUR1q_3adtX1jNA&google_cver=1&google_push=AXcoOmSACzkAAClYXFEAvQabPqZh6AKPj6zHtF1N89BfcQ4lRExzk2yFWEr6lSxOS1r_y1Q_tcVcKr5DwlzX09EswoKBVhR3xFEzIDI
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.73.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame D4D4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdDLUBqeYjnu7nmCJpNf4_6x_wpSpo5j8we1DZiUqyy6qfPc4Y2ZaUS3fAZEh5I7l2BjFyBg
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 26FB 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
450390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 083C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9aJGTFFDG7eeSoc6amKW7ktmg_e3onS1rUl4bOoyN5U1PT6HWNU25g
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 08:25:09 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTtYNnOm3opTJwUzGozAlkivIYtTEJpNMCO2gpdf9aJGTFFDG7eeSoc6amKW7ktmg_e3onS1rUl4bOoyN5U1PT6HWNU25g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 083C
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPVJBmLrDnBt7SoCH5OdqEk&google_cver=1&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayEvXrp8LXNFkk5u2gCs&google_hm=k_2V-89eS8CTe808l6vOpAU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayEvXrp8LXNFkk5u2gCs&google_hm=k_2V-89eS8CTe808l6vOpAU
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:09 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQLVSbO5zvVbgQ2ZDuUbR5gEfeSht7ye4vmJGYiLLe1wetjVOnLYZKP6ybxzE58EwEWEd0_b4wTayEvXrp8LXNFkk5u2gCs&google_hm=k_2V-89eS8CTe808l6vOpAU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 083C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHLW7TjBCptr8hAuT74QRyM&google_cver=1&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY3...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzUzOTQzNDI1MTA5MDA2Ng%3D%3D&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY36iZV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzUzOTQzNDI1MTA5MDA2Ng%3D%3D&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY36iZVnt1tQ22NM
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNzUzOTQzNDI1MTA5MDA2Ng%3D%3D&google_push=AXcoOmTLFIytJiTIh2I0jR6RBxXairREDerc01koRyJEyJ0xQuMHut7mEP1fSpy-LN6cxLz018W7Mw1dx-xPY36iZVnt1tQ22NM
Date
Fri, 01 Dec 2023 08:25:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 083C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJCGhOxmUavEqyCBJOp7p-8&google_cver=1&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCU0EtSC00SjVJ&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_ffMGlDVealFy55jWA4s_z8V4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCU0EtSC00SjVJ&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_ffMGlDVealFy55jWA4s_z8V4
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBNRDBCU0EtSC00SjVJ&google_push=AXcoOmQkrCQ6FFhjbdR1ZGsZpxyvjulaBgwKH46RAmxGmEIF2Nq5W-PAt5YHM9BM0fGjgvnujj_ffMGlDVealFy55jWA4s_z8V4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 083C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAAFHkAAAIB&google_nid=index&google_push=AXcoOmRb59y4A5uaSNWNlcrSps_vSnn0c3p7b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAAFHkAAAIB&google_nid=index&google_push=AXcoOmRb59y4A5uaSNWNlcrSps_vSnn0c3p7buO5QO4P27Iao531rnXc_yMndYSxo7lfpdPykY7-rPUpnUtZPp_c7fM5nvdcuMUf
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZVJW5vKHdotzCcqDHixEtGQRuu%2Fum0H%2FLpYFgF69MTLkPj5C7aYeCfXUoqVRCePrOePMaZZrHVt8a%2FUu1Rn%2FREQoG3SpvT%2BKdEFWYXfeVKrii8RVYA%2Bf4jn%2BI4cOCzT6uSLzpvmbHTfaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECgH4FsBPe1ca6jUyS-z_NI&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAAFHkAAAIB&google_nid=index&google_push=AXcoOmRb59y4A5uaSNWNlcrSps_vSnn0c3p7buO5QO4P27Iao531rnXc_yMndYSxo7lfpdPykY7-rPUpnUtZPp_c7fM5nvdcuMUf
cache-control
no-cache
cf-ray
82e9f01eaf095d39-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
ebda
match.360yield.com/match/ Frame 083C 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEI3aBp0f7j4PzOl9Dvc52m4&google_cver=1&google_push=AXcoOmQOxXJ6XEwIS7W6syFEiEezv5DRgRjdrRlWHTC129XOdMidSg-PJMA8ct7jVztV9X1LzVSMg0s3LkoE8YiCn_Y6VAufHYxm
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.30.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-30-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 08:25:10 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
0.gif
id5-sync.com/i/495/ Frame 083C
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESENyrx_EZEqgN9dL7S1p2j6M&google_cver=1&google_push=AXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNdoi2GwrhEXpuokq3Tk66y8rHtMEr0d3ulfNS2mh-_1dEj2sguhLz9
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNd...
43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNdoi2GwrhEXpuokq3Tk66y8rHtMEr0d3ulfNS2mh-_1dEj2sguhLz9
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmTL3ebqwxdGvhttOhd3H667RKPC0oW8-yeKYbjnGnNdoi2GwrhEXpuokq3Tk66y8rHtMEr0d3ulfNS2mh-_1dEj2sguhLz9
x-download-options
noopen
vary
Accept
content-length
271
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 083C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KL3L3RDFCA5rXpILAZst4WdrAZmE_7_PEYW8Gwb4RiZJeqNBxvz4ZocUKKtX-jFGbEnx7w4Q
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 4530 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70be47680e5d628453d5e75232dec767a3814dd1d4971050dbea16f917029461

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7B98 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
450390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD10 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D700 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
450390
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C785 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df1be142e3f233ff481679a602ba8dd069a25811e848f168d6481cd0fb4c1950

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
container.html
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 03D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:09 GMT
expires
Sat, 30 Nov 2024 08:25:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 54F5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cadbece3de4d0e57e2742c4689b75636f3168ceccc93b478b6d9e0ed1980c166

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6339 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 04:12:33 GMT
partner
sync.search.spotxchange.com/ Frame 9D6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKow13fzhBOgf6PxnM6zIeQ&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 9D6C 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 9D6C 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhifjp3xATAB&v=APEucNXVeynM3NIUk_P8xNA4Noq04I0s9yZ8uuUqSi3ri3McAsA3izbWk4qHkCTI0MAcafK-gayZKsyJcQiw_ACCq6_dtetDOOeqeyXa3e3GL_Nm5GOs9XZ7yfpJTYzlz6l-booet20dAcvatfwcS-UvIySHW4vV2BOTys3eJTOVaMCxU_ouhGDvbksVRymecmWWgIXOEmm8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5A63 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FD10 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Origin
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 07:40:28 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame FD10 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame FD10 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
35054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:40:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FD10 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
570002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FD10 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E11D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FD10 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD10 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuyCI3pLtRfX1hFrIawl8AwQg4O1oVisJbT05d3rK16jgmqb3xwXSaJn2w21xdcaGYfLOdq6zO5ElzjT_Ny_DwWOjxkyce4n5RFa4qk8MImKtNu28
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame FD10 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIvN1UN_Uz55ou31h495eEaoPY9pPi_2AASAx_Jy9WeHPMGIaTdLEdzngruN7DzjF0i4sHE_vWZnEsvMFnIfRWTu8Ipg
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FD10 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:10 GMT
css2
fonts.googleapis.com/ Frame 03D0 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 08:21:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 08:25:10 GMT
css
fonts.googleapis.com/ Frame DCBA 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 07:30:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 08:25:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DCBA 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame DCBA 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DCBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DAD8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 16:18:10 GMT
etag
48472445140208031
expires
Fri, 01 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DCBA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
44580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 20:02:10 GMT
l
www.google.com/ads/measurement/ Frame DCBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiARslS1F7EfnHdXreJ_1t13P64N9jIuYcS3OKozribpLVzxNO9csmFchZdpfqw8hYaX-zdCybIfpEX1E6rO3c2a-axQ
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DCBA 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 08:25:10 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame DCBA 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 03D0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
34705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9189
x-xss-protection
0
server
cafe
etag
14682237860056745894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Dec 2023 22:46:45 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 03D0 		205 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options
nosniff
age
140186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 17:28:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 03D0 		604 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:39:41 GMT
x-content-type-options
nosniff
age
135929
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 18:39:41 GMT
view
ad.doubleclick.net/pcs/ Frame 54F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssKqLlEKqPeNv9exZgIQ3bzW7LHYZRaFVj0f-7RZRs6UQLkJxJ-RJc9E0ajC_dVDCuJdAnJ0FHsNzRaQUagL6SPEh80PhfVJfOHBIPGeYfr4j-FQTwGbJrUkd88wKMzJElAMsLWIKOwIv2ihpaIF2ai5w-fbEQAn7K7jYHGFk2b79XsDZr_pU1tSYNXJpsLwSmHCu-FhFAD6LAV307ECIf5WLJV_eMaZQ5LiCk1gg-4K5juTdYaG3rJzMXY9mib1M8lM7lTPYDqm9AIdQTksVhUHtDlApIsjeVwNDW5NyV3bLNzhlC8x9xOZ9ads0AGOsXMz6havJEyH_rPgrkyFdV6gojzuEtEbPmPo8Oy-2PrHcJQeIIVymEAK3Pb08X-HfUJ0WdBC7mBYtMqSgOxpLOl2bYUBdjXy5OCimm0r3fGEMdWjDcQbBrrj_qDtYUkDFwf0L5yByLjWZVpX_peZj0dKJdwprGW_MGlA955uiQ3cl60YjSWG0o_VwChxwp6eEgdroNJvLCegsyc_pQLG1pv2JY2VV-XJ6iG6Jzo2H9dMWcWb98a2zyuVPU5Cn040bt8CeH8cvtTwavqYeSLpaIB6PgLD-AKMweTrfYDnvsKBzLhpWBXdjQeM32S_M26VchnUh6REE4Z5fUicdoWMR996Hsmv2reM2syumha-2XGDhE9ir1U3hhKAq5VL9C-1mfW4BSquNFpHhY7ixIsbIFI0FRBshsM777N_DqmdW-HJpcNXER56Ke6SPd12ji8CPeyd2ERntFoZfe2QZuzAC4GvOm5ZMgIX7lRzC5VVQIvg0FJGRY203GCEtsyDAvJVUqXflX8FijUwVUT80S1jSms4QrvOSXHBjx1NAe_BiJdqZUwNndyszPAGf5mmT6RvpLBOCqusGiKdEWXBCUltWsA-kXOu6Te3esif3a-c0qOAYfHQUkXCftKSw3lByoq4-bO22jLX7y_85_Zw6xzyKx22zMiHKJI3RpfqE06kOf7wyiq1fniYWwYcy9CYZtbskfZWWpHj81yRPTymhnAW_2ChQCVhoa5dsUF0sMUxl00LKUXZBILw1Hpsvu_kq2set95sCug_IUfkFM15oT35LXlz-vgvMqDP006026lP6570Fl9Fa0fc12ERHvNDh1jr56cz9wQzI-NGFHTo6GrmuQ709s1Eg7UuRcfV_URlDjVJANmSgpT67aKZRL9zddIqDczl_Y67-w1N-y9ZHoKjlET6okTSBrZgB23XDB-PQlFd7-bfzgs_XRi_jsTUpC1AA7j-P1MOgjCzs4Gy9Erf_N6h10Y_f2bN5EYzXls5I-rqClUhrSK5cMMhrS3AbvLLTDNHXYV2yV3r-WeUNozUNrXvqgSdxztEmKVe4fulSQMv5dC8YX6Njw3DCV5WC4lpZCdpGNK_Xz-Y5djar9oMFm3Nq90NEQczufynUDMqRCHevglSID70itr9y1-tehqOAXJciiEwv26U_6WzL66Hl5MlkrRLKpM-RdoHhSmx3JFg_SzKB_0KHoJcHrM0g&sai=AMfl-YTkPxiz6HeScPyf1iuAEndUG8aLggj70ZFoWFSW-P2NkPEQP7WunQObQz5mGcy9Vvrw5CW7Vwo25nzMJqm7Ku6ehEoX0EvIH8-cQM3t_87Xhn6WWxIoh3_wFelkR3Du4ahwPL70XGLAuTBi240PQEZxlzzjpcREh2ue5B-06XSudiU8qDBiu4c0GH4WvUnLKOpQ1YpG9TXiziYjvIHRFe9kK_GXMi1q5DyE6tarEephu3cYofa6lRPHi-6Ug46TRBNPT_mV61RGSMPrNU5sosk-0N9KV-HLtQhZLup5w_2TnubAuyNMmDi3yYZlrVUgEByuHvvdnSObubEfsbrzyBD3JsC4dDOIqIy5dXHx6gBNgkf93uG4uWhex_kvAXaK5fugEK1KElNAv4SxpsA34eTOlDzHTZ5srehUzsY1GQ34OuQBDENMJgSdn4KQxQLR&sig=Cg0ArKJSzL3_YvLHdlDWEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=512&vt=11&dtpt=511&dett=2&cstd=0&cisv=r20231129.40019&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame C785 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssYUP-dWmLFbusR9LJmQCWNc4n9f2DFFuZG0Dk2UoV6_oi8lICUky2kcc0N-niKzD2mi7iveMq36ZJgrlUaDaiCaBpKn43gTtEseiL8V21AyIDPA8Zt_y26KaP-7QxyLbEcD7m-ewdeWTYeZjplDOws5Or2Zeg3CzoU5mJkohBusy8KplGTIjw-UmbvHIIWwOMyR02w3lv_aDxaVBiLrPbLsyo-Me_MnTEQJR6L3Fi8IcHqb-IDrteELVb5lqBvW_pbNlkA9lYn4uw30_3Et9BiJJkIa7HrWiRFemTSCc7dEb3yrsKfVFOiT6eK0YQCMA4yT29z28N78zNpBjsBKlsxnODrvBXZpfb4kvYsqyrrxRHcPXsmn_rcSYwDN2DTg6jkY0tspIVmt4-U4FLSS2qYsy6cLeJajjXjoryWN3egOsmmn1PAHW4RAr5LQVLPgf-Q70J6M3n3zRjGuTE24lZ-ERVGd9GPv5qi5QzToGw7ulVSSLEAad-1SXTSlpTdZVWs0e_wh6Q2MiYUWbJxnP7EPhgPa2Y-t-KlA4J6Y6nH8vp1ry7u6oDh6AKswflNl0q7VOA-Cq09KQBRsyl3sALAF4MQmzZx-t7VfQeKiWEp-26RDWJsawkLTNRggTtlCz-F2b9gKUhfUOGVZ-HFVs4S_4jApQM2FSKeHimv4M70bvDmwwMkt7ccuQKZFUx_MFXGdasBcT2t1-1iNSn_0hqBdS04L8TTQwMdvfDadngri4jTo66Tsw2k6dPV4V_bCUvPpYMKQXZPqszGZzGkfiQjbAZd0k_bSBNqLyz8xhET8rRXFJKceBsDH6vmydSeEAWe1IJ3pCJ61kseSPiAgxegb___xTiVhIamoy4tKDw61ZV4mr6XabwRA_9Ta_7ISk22e9ODuw4yz2JJiQlTCBy5QhidyYEpYssnHEXHnwmZCfhspCUvI6gge5zvn__GpppPLyltsm1NHqfUQAp2osSIAQJq9agWV-H2hRwMlMuI7eNwh8bAH3LgH8e5d9eC5NAOf9n-26G0LRE8pBmGlqs2d8f1wmJa42LBIpWMcgVYzd2qRJhA9ZCDvva6ZQWQ0vZNyLxYjDUbSo5RD7lWUnPTy0KbK7fy-gzmTLevTICqUqXmw2v3q6VsfnfE5L3IXwCokGfx8xGQUo28mTu3v_qVLkolfKIw9ZQfiJnxpPRl1TLDSIXPul_LKlwYXE73TdGNDt4F0ZkosAZ4GD98MNERoZQ5zs0SghNH4t-8K_39DrVSN-PNUpMCHiDNB7VrB9X-Yq6J-811hrsXz9nUYCIbJtjRLi346fp27CzAAvUC_QLssHwxg5FVYptcncqZ5XcuIZNbZv_FbLvXh93k_h3l23-en0U1r0JxdcHyz42Y0l-mUGgLp_aY6BvJRJENl2Va8jWb9mELi5L8hi27xe1vkSgSzw6Bir5z9YoLw_fQlZspIUqz1m05IAfYRgrderGAZy8Dm3AppLKjFGJ2uygMUwQJQ00gvm7L2PdzF-Gj13LwDUdIYx5X&sai=AMfl-YR7iU0mwfpkJDOoqKArXvWnyAJOV3yBX-TQ9flZCJkBAfCKngUmAZ8UpbMD46PYOCPlj7w8dLIh4kBA09OBIf8cdGopbMMVhrk-9EJTOHrQoIHKT10_o3oZhI47BQqVUCXnX3DTwoix8rhpqOxeE8Z-oFlh8JzByJKVVBggI6SsNzlY1YrQsFFEiyZfMrgwFwHoJy7uTDMiFpANqOxy7t5ILiIu89t1TpmPFPn-ONRVidlYVs4z2fSEYzCprB6LFmRnvzLOVCFg452LoNRoHmvuzbjbQ8WCGI14D30fEWUOFDkEfPMGAXP-sz1Xt-YNHC_xtKY7kGAYP9t0eL3QzJEuq3nuOkpUdDP2wldK0YCVFJk7pMULVYKoq8KPpvuwzk8-Zrq8qfEhqe4G31aTisShvzkLsPwhYfyREIsEazwqZGGWt74S068lJcdkYXUw&sig=Cg0ArKJSzKV0D3xqCLvdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=586&vt=11&dtpt=584&dett=2&cstd=1&cisv=r20231129.66225&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gsap.min.js
cdn.jsdelivr.net/npm/gsap@3.12/dist/ Frame 9A9F 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gsap@3.12/dist/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4e92f6e6e2b83597ba7b902945c88d6104d5fe667023fe596c3d1e8851f574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18920
x-jsd-version
3.12.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230096-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"119f2-r7cRNZS3lGKl+zhWPbdZNkKIkLU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66rIzvzKaERb2%2F2Pmh2BSre8EF37hJopj0Zg3dILy53xXNukVZPZjvqhsta9QvW3nmg6qXDobFcGQpIS9ZantKiv2bQXs%2BqT98OysDzAEPd70jVyapKSMGxoSqATlC2SEiqG5qRzE07l25OFfcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e9f02219251c8b-FRA
CSSRulePlugin.min.js
cdn.jsdelivr.net/npm/gsap@3.12/dist/ Frame 9A9F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gsap@3.12/dist/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94872ae5db4922ccb4fd6b2e3f18cf7c47414b5c1d98e557d9f81b659d417af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36302
x-jsd-version
3.12.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230068-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"70c-3DJxRUGKsII9tm0Bp9C9aC7/nXk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6z%2FZXPbLXyWkib9wPKKfJlRjOmh1NWa4X7Ngmqw%2BLqeFezvpgq%2BCzXkWBBXFm0snUOuLu%2BM8GsKeksxjEptnXA01jO3ONla%2BmrG01%2FGd2pyqVPoA93QCtpTVI7AR0R6Q%2FxtYKMWmsvEpS88OQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e9f022192a1c8b-FRA
13dc9848.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		669 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
a0758909.jpg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/a0758909.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
620b6bc178d60dd299a57c3ff39c1492e1c3b58ba68b0fa967991c29997a391b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71375
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
d3a002bc.jpg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/d3a002bc.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8847afc82a8d5058a7c37aa267e32e7fbc070fd743cb257586f762c81c897ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60540
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
8f208121.jpg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/8f208121.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b8986a00d1cd29bc24e3c88128f04d469cc220ad8f332247c4e5d6aada4793c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191697
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
c9c8dece.jpg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/c9c8dece.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c773e00ac3d661c83a858fa400b1d4cf5fa1750298aba65d351db912346fa2b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76935
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
4332eb45.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
f378cfc5.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
31152810.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		302 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
a0ee8470.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/a0ee8470.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78b782b91c45c43eac2c6f7660a1821bdf8f4f10c5992c04aae9906d12ba6777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2557
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
a1f49f88.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/a1f49f88.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
683bcc856c3a05fd1a12828feaaadb7a83619a48930199449d6b596a60bfeeff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4437
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
173cf372.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/173cf372.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb91254646813129be203fd6f7b4dd84c7fe44426444d2c6b223f77d0f823062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3459
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
9b70799c.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/9b70799c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c101fb15121b377002af89db37e1ff8f72939ff805900850ce4fced8135341bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6165
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
9dfcd80d.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/9dfcd80d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe5e1beba978b812fa319fc949a5d4e0f51faffc91edac3dddb11a43ba3d50cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1548
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
09873106.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/09873106.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d25d2177d8bf2fe3b5cefca6a6e826389be717772a67a266d279eb956d03173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3073
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
d3ce6798.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		820 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
1147abdf.svg
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		769 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
af09f6cb.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/af09f6cb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff8da3684d0923a44a325c26bb248205a9d9956d00249ac4d955392064bed016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2742
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
7ccbd27e.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/7ccbd27e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a90995f201bd4460525c21769631f948f93222bc7631a67a3f8566361e49788c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4626
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
0f373144.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
c8840ccb.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
08cf22f0.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/08cf22f0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
377831a803b7529f26225ca7133c9dbf4637016bef350074a6be6b878308bddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71757
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
f7ba0218.png
s0.2mdn.net/sadbundle/15611472666643398656/images/ Frame 9A9F 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15611472666643398656/images/f7ba0218.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6976017d0b42dee0a8c12f85e66c19633d8bc28bff3b3f9d358f65792ef8208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15611472666643398656/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:25 GMT
x-content-type-options
nosniff
age
79545
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155264
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:25 GMT
dpixel
cms.quantserve.com/ Frame 564E 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGJtFbN0GD7rfvvJyotOcMQ&google_cver=1&google_push=AXcoOmR5EntG6ZUXVaXxBz3wNSN_dD825U0p6qmqT9wcE1vieBT9L8cJOHIa72UotNuCULAgbhPS6HVS-dRJZv0BSShF-5iCHaxk
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 564E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTep8Yc-l84uE1UVOLH-UlXzAyydr6aekwIrMg0c0-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTep8Yc-l84uE1UVOLH-UlXzAyydr6aekwIrMg0c0-o8z8fyNFgLl9PZvhXsJN9dGFwwJYLoAan0QTQ8rEwaK9PlW4lJY9P_A
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 08:25:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEPSqc3dhCSQ09cq8nYTaF_I&google_cver=1&google_push=AXcoOmTep8Yc-l84uE1UVOLH-UlXzAyydr6aekwIrMg0c0-o8z8fyNFgLl9PZvhXsJN9dGFwwJYLoAan0QTQ8rEwaK9PlW4lJY9P_A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 564E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENtpahrLxfSOAkjZqU8H644&google_cver=1&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ2RqGvNg&google_hm=eS1TN05GX3ExRTJwRnBi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ2RqGvNg&google_hm=eS1TN05GX3ExRTJwRnBiaEsxbUMyRjFLajJJdjlwUDYyYn5B
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQId1mF0Ql_UKOSjfMEnYnSt1H1Uz4zDQSQHBH-rvj9S2e_-58FxNYImNqZqnTPC97YDJkp5dFDVO8uU_BAxFvAHAZ2RqGvNg&google_hm=eS1TN05GX3ExRTJwRnBiaEsxbUMyRjFLajJJdjlwUDYyYn5B
content-length
0
dds
rtb.openx.net/sync/ Frame 564E 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO5vF2veyNXCFspIzadt6ho&google_cver=1&google_push=AXcoOmRZQlCrWc2pVK8-3Ls5_NqR3IXFTJY2hYqtafv9ElrRyS9JYrKGEgqrrgWGaRi-w_LxBOA1UejvepVutXpST9FBQB5D1CVZ
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 564E
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEAk2evLKBZaFQ_AKCEV-2nE&google_cver=1&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw&google_hm=M3pFRU1xcW5uN3E3UW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw&google_hm=M3pFRU1xcW5uN3E3UWY4bVlFWVk=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSJGklHIm4aLHU2xxdlQJ0AOFRWBFH6aTO__Vcgufw6pTgQV1wVNWiSoghdY4RoCP3KNpo8RSE3OEiQMybH4Os_TrxQ1T5ojw&google_hm=M3pFRU1xcW5uN3E3UWY4bVlFWVk=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 564E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHMozq6adWB4ur5dkakwkNo&google_cver=1&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBriUnX43k1ypzHuPdknUIwNx8H0qOTw4lq-wmzAUxJuFt...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBri...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBriUnX43k1ypzHuPdknUIwNx8H0qOTw4lq-wmzAUxJuFtCnKA
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTI0ODkwNjM5MTcwMjMwNjM2NDM4Nw%3D%3D&google_push=AXcoOmROH61BZpyY1eG8ePDToipmItCqMqSzINbWBkohL8QsC7aCBBriUnX43k1ypzHuPdknUIwNx8H0qOTw4lq-wmzAUxJuFtCnKA
date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pub
cs.chocolateplatform.com/ Frame 564E 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 564E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JWhNlppP6YF8YnHsFRzxuhPoVVbHAbo_NROhLUGRiekWtvBL787QMe8esQkg58XVCsw8b4
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1B13 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCmNwbViqRXAuS3PLpG%2BHxP%2FhPia2ADZpSvrJMjKENyxS4TdgldqB7t%2F5xH5SOSz7d4mCsTPqI6PWkoVp0aSIyU9czzjqsQUfdoZtKW8A%2BneBwoaEsjfUbxw6stezRjbultSBqjTE7Hsxg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f022affe5c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A63
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWmYZfDtH4Y4n8z2qSz4ugAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2WarpinCN%2BZleQC38TssvP8aOxtk0lu20TX4OX%2BVR3ygSR4MeZVnt2TumO4dA4CxC89loI1iU%2B3t4mTKfyXXsPDXrRnpUpoamS34QDDQzmQt15aKcyyhwOJ1dv3WS56yTJynEpN9YIYNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82e9f023288c5c62-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB_W238bSTm5CWiGtbemjtE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5A63
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEzGZHj4QMTK0Q4-7VaZiJA&google_cver=1
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEzGZHj4QMTK0Q4-7VaZiJA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
1501629a-bac5-48b9-aa78-a871f1a12d23
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEzGZHj4QMTK0Q4-7VaZiJA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5A63
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGO_lk_0BMAE&v=APEucNUuvkmv6dVEFFA6fF3l5nX-d5ZdALpk0CGnFhSs4U_Ximuo0pNZ56zZwlcjTIh80RP7oeAOxKjy_11p8IPGmCQYQHKl56B8cLQG5BoKSSDs2hcmW1X0wr5nhPV-ICcUIlSHo4TIQ-xvXW7PKLYr7oPPUks8LTGm9DPkKOt-5z2mnw6rFdmFuma0d3kuvJl_o3JklcjC
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
an-x-request-uuid
82e398ff-891e-4de1-9ef0-bbf0375bd784
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjcwMDM2OTM5MTQ4OTI2NQ%3D%3D
x-proxy-origin
37.58.57.5; 37.58.57.5; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6339 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 17:53:13 GMT
x-content-type-options
nosniff
age
570717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23900
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 17:53:13 GMT
GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6339 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:16:04 GMT
x-content-type-options
nosniff
age
576546
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23636
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 16:16:04 GMT
GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6339 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansText-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 04:12:27 GMT
x-content-type-options
nosniff
age
533563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38296
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Nov 2024 04:12:27 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 26FB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7B98 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D700 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
pixel
cm.g.doubleclick.net/ Frame E11D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cver=1&google_push=AXcoOmSa-0h93Et82JifZl_AwKdBzVUTze4ooJebsBcnpfd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cver=1&google_push=AXcoOmSa-0h93Et82JifZl_AwKdBzVUTze4ooJebsBcnpfdy82o3rhYj1A_JIz56mBDkP-C5V_5Jeg5h56xzUu6pZfZLbae9WnCI
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 08:25:10 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z3BvcXFoOU8xUjhZUEk1&google_gid=CAESEB8OOAfEW3k_5KL1YvIifeI&google_cver=1&google_push=AXcoOmSa-0h93Et82JifZl_AwKdBzVUTze4ooJebsBcnpfdy82o3rhYj1A_JIz56mBDkP-C5V_5Jeg5h56xzUu6pZfZLbae9WnCI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E11D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBe8R3CcrzSBvV8eh54NYDk&google_cver=1&google_push=AXcoOmT3oiemrNfAgP04REShJXTNoTSBvVhFhKNiHL0cloyaJkLeL_tZ8Q4BDWlN79OmdQKLUudmhwj2mU89uaPzqa5QG5p_N9Kv
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.73.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E11D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ6n2...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Z_m-KFLN8cvJbKHZsSPopb4OkWBsl17fq6T8DA&google_push=AXcoOmQ6n2DHOrMkg14JEMKLl8RrK-_59cUi1Kbr9HOhEu1ejwxpdPTnnqeO7Mh7V1swbD238X1JoerV_Z62...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Z_m-KFLN8cvJbKHZsSPopb4OkWBsl17fq6T8DA&google_push=AXcoOmQ6n2DHOrMkg14JEMKLl8RrK-_59cUi1Kbr9HOhEu1ejwxpdPTnnqeO7Mh7V1swbD238X1JoerV_Z62pdsqSvXn0ftD5gs
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Z_m-KFLN8cvJbKHZsSPopb4OkWBsl17fq6T8DA&google_push=AXcoOmQ6n2DHOrMkg14JEMKLl8RrK-_59cUi1Kbr9HOhEu1ejwxpdPTnnqeO7Mh7V1swbD238X1JoerV_Z62pdsqSvXn0ftD5gs
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
678042
content-length
0
expires
Fri, 01 Dec 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E11D 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEALkqzXXfJO0FnpvDtgWTHs&google_cver=1&google_push=AXcoOmS-zUBEjADijTbAFl-79eesxSZ_Pwa88yueYYF_zG4Ntj_qTDcMaNJ4JG6ZTHvMsozLZn8m2tNwUo9UdWRlSKyAToNqarO1
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame E11D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAeYoZOur0g_MdGc7ocGt7w&google_cver=1&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0n...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0na5b4hTBTsQcvaJxF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0na5b4hTBTsQcvaJxF
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT-3IQQUR6Kaum5IGeZWeTCj0lmJU6P9QqS1fM6X1Mu2rTm8Vrkfkmd-xt28YIPPlu_96lYnPmRQy0na5b4hTBTsQcvaJxF
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame E11D 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEJwAa540NaeDLytIKtQbR5g&google_cver=1&google_push=AXcoOmRuwaeYaY8Lrop8sLkQv8YBUekTMrVxqA7bDmqdIF3vi_ecDcoJp6X7P_zYysbntMhczv_HKI7SiNlya7RFOqrIB73_Kn1U
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.30.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-30-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Dec 2023 08:25:10 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame E11D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAeYoZOur0g_MdGc7ocGt7w&google_cver=1&google_push=AXcoOmSdoamVOT2SA3XqjMsLxCWxbTUOuoJ47v8m5Lw9xWBLtwJtqV_pSaOxnLyKXRK-ZHziWA0HQMRJp6I...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSdoamVOT2SA3XqjMsLxCWxbTUOuoJ47v8m5Lw9xWBLtwJtqV_pSaOxnLyKXRK-ZHziWA0HQMRJp6IaSkQP_-Rd3c63XSfryg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E11D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhmA7_--L_FokDlbIXK5jDOe5y9nNgCzXIlbUnZ54PCwkEjzAUyIwz-11vxr-A6Koaf2tHmA
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/7949160850625921024/ Frame AFCE 		88 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f855ee61724770bdde2006342251ad5abc34b24a7fcff6a5546b728ce7287cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
79523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18602
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 10:19:47 GMT
expires
Fri, 29 Nov 2024 10:19:47 GMT
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame FD10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu34YeSgUfOexdOCcVTWtpARdpk8gxnxCjVvc-Y3XwvOd6hgvpmPLN05ymoXiZs1h4c4pwZG7Nld5u2SSQob4mVG5CeCPBvUuwNfYnwCLvHWG0UDSzL9RYcmn4RgMjPHgOm_IcF5x62NYmkn3-zUlVtsoJod9NMtNp52Rh2aFYd2derlL_06JOxRUxebRvOng54Ie4hvbWiatR9NO-S_PrIqP2t9ld3kX8NuNhSR_mcVar2OJYBWO_5SY3R_Vp6Mye9utDaNDcE99EpjtICOxi6l0C41x9TN0CdxFgjl9LZR_IsyqTBLS4XS7W9CAhDxFvj6pI7Jge3dENOU2ISN_JlSkzzHL0pTJfvq10IenILdLuAdNjSjQb7HUM2VnqPTDMrw0d2tmvskD0g64Z-mh_pYS4G56VNCjXqPrKkf-Pr-uRZby3bQ03m9LyxcIs-3dB7u0hUXI6T-1FWDJOvdA1ofgnBzvO2SwaA93BAfZaabuVqqpYuJAVEaYrXy6vlbcBdfss-wydiWAp3DSNhfhgd6GhNAWSIPyX-Z01ZWolTTsoxJKufzwdkpvd90B4acx9nHJqLJa2a6Qeh0wcS7NuJ36Ld9l61EvCnOZur_X7pwGA7BrKp2DsnULoQwdo4w4Ew1iL94PJcFf5j00iWLqezS2V9fJzW0KuZGbKBh2h2Xn0caNTt4-3Sz3QchLQ71SO2JhKTdEavptzBtMkkeijxomlXhH2LFSvB1gwS_r0nEIO1zvukIhhALbRcTvALiJiDhW2182v_jyBT7HExUw_Ju9Cqm-za3rcc-3AlOUISsdRw84x6aI7t7vLueurHLJ8s0cQ6EWHjjyMruDl3qYGXuwxfzH6HPipiYoXCSvewKT4gUNClWznJPLv_olERmf29WraSg7C5uoS3ILOz85KCKezdFTMFjNXSJ0OSyv0wzgokOD91skxk1MIjxNCXPhlZnd92w4ruZY0i8ZKEQ6ibzTGSWZ_HdfJcSYJy5tQBYpar17fLp6FI0615rF91yC9EuJrpLj7qeMhecUA9vbm9eerR76UvrgNtI9tNTapNwX8PkWZZ_pau377MN0LSMUorzyGdduJerWJBSfDodPJGDtS-ER3WMTyBBDuX-y54aywmDN9zfMXqfs31VrU8Jq2nWZo3q7jEJUaOyIupUfDWr-GSGwCKUK5aVvHD28AvRosjNtXJPN077oMWTuAwa4GsZNEX0XqKTBwQbi979dXLCfPDACw-1RM20FgBSDn5WQXsKn2sjywZfxhSHe1W4-MoyO_tpGUsBSNbFFQfGfpwSQZIm6VwxIAztITaqg1inQmuiFaElFdFFvDzQ8axfjUAr_k-Qq_FBdXf0EZSoXViYs9TJ_ajXQeK_l5gyulCcQSMv1cIzEKJ-5Az01Ko6SXRQvD4H-OeG0zBLu93djqHmCRNjyY8qtNvyZOHJ7HCsopOKQ&sai=AMfl-YRDGWQP8yHBKLjDaITvbmjMItBZQrtLATxH25Wy2SC45mMK0O3ZQO6_FVnGiZFbcXARw7wg1dO3IJ8MLgFQGn35qdN0R7jbOvtoWaROcClKRwgPvQzNyG9wgf1a8M9wooeA8yJYIQf1xBPY4ra6KmrCl3A-Qp0WHYKZG_E9WveIFAMAQEF1qzYcwokIbiAHqN8blMrtBPsuv2DVmiySF_12fqN8P1l-qO4TTCeRehdq5zgJmLUoO_haTJwafjHNHIDq-0GF7yvM_yiZnA-a2TszU2KkjhZHUcpQFIkVRgYeaB2WAanvLtrcgzNqgL4h2duixdt43shIV9P55lWMsCCSmeJMFASjPJti7FVGNXsdjjhLdfOOnu_WPLyks_CfrygfiEG1GpeJL9DBuSA3cYQfCcnsIFuyQqjebYQt&sig=Cg0ArKJSzNGXVQ1cFpWXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=330&cbvp=1&cstd=329&cisv=r20231129.76737&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 01 Dec 2023 08:25:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DAD8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVGU6RzL-vhbwaSHLBP99c&google_push=AXcoOmS2SDt5CPqxiOEO4rP6GnY5snzTyzhkYlrVICQWW0ndYBXSZKC97Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVGU6RzL-vhbwaSHLBP99c&google_push=AXcoOmS2SDt5CPqxiOEO4rP6GnY5snzTyzhkYlrVICQWW0ndYBXSZKC97QRvAAC0Q_Qfp6DBgT8Lrmy_CViP9dhzAT3Ji34k2-UD
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230034-FRA
pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1701419111.293672,VS0,VE90
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPVGU6RzL-vhbwaSHLBP99c&google_push=AXcoOmS2SDt5CPqxiOEO4rP6GnY5snzTyzhkYlrVICQWW0ndYBXSZKC97QRvAAC0Q_Qfp6DBgT8Lrmy_CViP9dhzAT3Ji34k2-UD
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame DAD8
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOK-3QZWfwCHtFC_jCOWJnY&google_cver=1&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTD...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTDdJ4fBbO2R3xX3P6I&google_hm=k_2V-89eS8CTe808l6vOpAU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTDdJ4fBbO2R3xX3P6I&google_hm=k_2V-89eS8CTe808l6vOpAU
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQcPGb5JmbZNSe7S1myai6oRYJmvuOHAT-sFzWTPSshBs1F-ZZ-fckGlXasDvyme_M-H03PmZZ9zTDdJ4fBbO2R3xX3P6I&google_hm=k_2V-89eS8CTe808l6vOpAU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame DAD8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBe8R3CcrzSBvV8eh54NYDk&google_cver=1&google_push=AXcoOmTnqkbgcWQn8-7JvNP-lUGBqjN9ePJn1x4ykf18Et1i-rGEZG4gpV9Cd48dq_ruI4H66SIJheNm_eQRjK5-66XuTMbZQAFv
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.73.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-73-176.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame DAD8
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELtzsAwSJwPke_Pn99W_y1I&google_cver=1&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv&google_hm=M3pFRU1xcW5uN3FMam85...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv&google_hm=M3pFRU1xcW5uN3FMam85RDFlM3E=
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:10 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTik92f_Y5vFH6hEj1BCV1BH6LJSlh4FvpRf7QsGbYBRxYjGWNIczRys6EfY0fWaB2B0XAtpaD-kOutpQz_4gO0JSmwA-Iv&google_hm=M3pFRU1xcW5uN3FMam85RDFlM3E=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
0.gif
id5-sync.com/i/495/ Frame DAD8
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEJRuluGQPAmv3e7KQZhNJug&google_cver=1&google_push=AXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lDTXmFS8BnN6kH5XQTshav1YIA8prl4GLlViqbVjkKEJwSUvD_Ze3IjQ
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lD...
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lDTXmFS8BnN6kH5XQTshav1YIA8prl4GLlViqbVjkKEJwSUvD_Ze3IjQ
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 01 Dec 2023 08:25:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 01 Dec 2023 08:25:10 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmR_VbdRxBUwO3ek90vZxvnqlU74WVSGYxctEDtZa8lDTXmFS8BnN6kH5XQTshav1YIA8prl4GLlViqbVjkKEJwSUvD_Ze3IjQ
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame DAD8
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEGjE8u-iWTArmjoso1QzFtQ&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEGjE8u-iWTArmjoso1QzFtQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTY3aV2KveVl-XCf_yUTTjVfmJAAQqHwatQTUOhf50RbFdnBdhP04gO0IGE6bFzHQ2wSMa20euiRmBI8DBL9BvMj2z9UspE3g&gdpr=${GDPR}
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=221023f1-eb21-4494-b6a5-ec33f10b82ae&google_cver=1&google_gid=CAESEGjE8u-iWTArmjoso1QzFtQ&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTY3aV2KveVl-XCf_yUTTjVfmJAAQqHwatQTUOhf50RbFdnBdhP04gO0IGE6bFzHQ2wSMa20euiRmBI8DBL9BvMj2z9UspE3g&gdpr=${GDPR}
date
Fri, 01 Dec 2023 08:25:11 GMT
server
_
content-length
0
pixel
cm.g.doubleclick.net/ Frame DAD8
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESENCpFfC5veyvo3-oTbYnzwo&google_cver=1&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4JJpZD8XdiQm7zVkhKagAmC_6A6jTLEh6R
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4JJpZD8XdiQm7zVkhKagAmC_6A6jTLEh6R
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
2b05222d.27c22e09
date
Fri, 01 Dec 2023 08:25:11 GMT
x-bytefaas-request-id
2023120108251169CC86852756A01656F2
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a72-247-154-222.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time
89,72.247.154.222
server-timing
cdn-cache; desc=MISS, edge; dur=81, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023120108251169CC86852756A01656F2
x-cache-remote
TCP_MISS from a23-213-246-239.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRg6RTJTkvC_ZKKTU0hCEaW3G538wpeDZAJraogpN2_FnOZhOck_DP5b0-4dP4JJpZD8XdiQm7zVkhKagAmC_6A6jTLEh6R
x-bytefaas-execution-duration
3.21
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01f11f8ab6e1ac8750c6753a8da547310c0252186c33fab2bfb052e5c0603d74bb2cc198af07312386e283d688ebe36ea1b6dc8cba2f9f2a0e56da36fa9a886834853d883ad4c92e30f9ae35aa8376c5c1dd5d427b74694b827ee3f0d0a580d73b55961b69a1d2be4a68265254b0cb2d12
x-origin-response-time
8,23.213.246.239
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Fri, 01 Dec 2023 08:25:11 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DAD8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ju3zqVXmpT_I7Ey4rrZm46AjKhztwJCAHSjDqNwq2vr8XsWiy5RTPIfP-TwBY0hkueBKidQ-af
Requested by
Host: cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
URL: https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6339 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
006c11801498d00e265218ef1381e075df6db8c7a05bd79b9e229b1c605f74b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5887
x-xss-protection
0
truncated
/ Frame FD10 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b6a65e59f7f296627e91073a87fa73f44c3d2a1043b371a3a6f351942605930

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 62A7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
450391
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 967B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuEiFdkJnMpDiN8diktlk9sKAUq49X5xnbOXYjiQM30oZEr4SEkS_0eujHGjFsgHQxsGPDpkb3pqW5DJbbGJ3GzBdASSdAPM-isxKQll9vfIinnZtFac4LsUHhHE2gZuMbkq0-c85HHASfV_RJnIw41Lj7gxZVzXGKCeBhfeIU7rkSA8SLGHfmji-8fhfjhOpnDrTZle5dzQb84u_hQMkhkK78hP76eyZX4kpZLP-WLB7NYeLCz3Y5QTfTx_KCm6YcMdfrvg76q-HHPXUnnQXK_TyL37RgruVHzL73gnBQYh9mwvGjkmOaTXUhVOx0Y5Tcz51dEO5VkQVTluLtJtj903k94mVBmEUCnsZ_T1QKqFZS8xEolLikWIg6B3nXC6s11VRL8lSAmoWS8UPDiIg66E5yx0w3D099F5L_zG6spgyUrWDGdRafGnNP3GKKQTXpRBHpMrIq20wHzMlI8zkGb8yE4YD-597uR78NOyy15cClLfSLwBmSw_q6vccN8Me4EN_AGJU9YXly5qjOXTaWaXFGPo9b01mQcpPDzO4cd7rylff_rJ5EF1zn7hEORxbECbSaJYqI3qBwiQHMHi-SMMnjnBNvQEuzl_6n-vG05VAdcTKp16p0pmR4qlxlovCuz_Up-wIDCq8-e_s7-qRYtz7t1iPoflHv2A4S6VEb9GcVZ2zTh74pGjFsrQ_mb04-ns5hs7009Y2jhgA4v9JBPxOPS3gfYEPGSrI37NGxGJR33Laq_SiVAULEK2pNyN4opn5yOnDZ9YS5IHwDG5kIrz7EaCkTenz41h44TcYO0pUKUKZdw9Fx0OweFskpubFxpAhHrQ6lZ-S8KTUi3yZ_eTVP0eqIwl-1xCUevCf-Cn5TEFHyui9669y1qd-l-2PXH0FY64-rKTDKNIjBhwLn7YUPwDCHn3K9bMpjnoR5rHPl7hBqpm4NoPywuV3ofS7uGmtQlb5_cxJdbbqq5_qck2SlRHdEMY35Q-4GqXADwqvSct8kbg81ed2YmIiD0cYmn3BcBN8VDMIcLaixV2z00ElRQ8tul-efw88Ua6n5XDqXLY2Vgm6yvlWfNgcGTU1fFiRK1ANmkb5iJ6HnMfuDP2uxMglaFEyYw4kNSYnsKspG__HHppN9F_AHepDm9uVjZfZrMjsADXpPjssYMk9dgkhclcbqYNgpPpW1fZpjcLiTUQ1yKguvmkMrU_feuut4-HsZOfxshc1xtv3_dgQ4OJm5LRvQ3cWCuU5iEFqIuSDhcJWbaxxIIyc3HJNp_FD59fQZ4sXHzMZkJ6zU5nV5t-CvrQCjneQBjoBQt8Q3y-EItN4qXXtO2ebfz832SABq7grQCoMMXsyfevus0WSK42G1BSq1KckhhTyCdXtiH_4iNoABxphOymxRIRo7FYnjvQshdNfV6atzR4i3dw31zWf_qlEK1VeU2SID5Cd2S5B-Vgu9M-8e1M17Tsk9pABbFK_BGVWKhpUa-&sai=AMfl-YSET_btKSIqL7tovVcfibdCBzRTITFrJDK5UBLVFd-WhWXV5Wqrz9C8ZtJJjxooioPNEo2JkdOVX6H-z317clr40I_M9_MGVkr79q1vUU1TY0epUt0NFEt5XDju9FWhOHJI7lJ1kjmwZ2HiO75cCzJLExBHfR3QwVTPpJyKsuVid7wviQou5aOl2gRRLB27rK66rayyPdsgdbq5IOHXTld_mSadUhinpSslAp-EW11KZx5SdwvDQacAUi3iz3M3tXshvnxOMgb1n6ctfXq2ZGFX9XqDNz3nw4hPTZJvEgs9_4xDdiEdyekHR9DyfRwY9ptLaEY3f0C1ww2Aut-gRGFvgYjrBt9R7NXelAz9--Ac78kULsWfp__DwkmH6FDvn7uN3L7Xny8s_456THyB5e2mngwYTySs39Qz8rbQDnis&sig=Cg0ArKJSzHVJwSkh1IH9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1228&vt=11&dtpt=924&dett=3&cstd=294&cisv=r20231129.73901&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 4530 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjss1sKFDq_RJGU6jBJE4W2GNv5I480ioznT3C4S4CqhN9q-HuO9YKbKNggiiamzGs4IJ-3d0glB_abVM6erQmc8Z9mYjANBjlR00ywj9I7tnJGplekLJriqUXk8YbWD6z96EkHLpPPauFtCI2NflkWpWPTq5cZZnMLFufMzYd2-QhP5hk44VAfNMGIPbipNW4mkrlkBxAtmvZ3wFfnTpJyxFegV8YWsSuoEZjauI9CxtmPchGP80Pae3XV_F9w0OTYR4e_5UbTI_awBROsng9iZDS6naLGlCXlL1Sd_vw5BDpzbYU3LtKboRXA6RUEWYTMZFwrecgWNXGyesMP0698AnAiEhiMSiCVRguXzGmURJyeF8VL-ZBSVb_uSKCO5TCZwGt4Ly1ce_ETqpCFy3LgtGKKLGQjrSFt-422_LeWnU7QJHdpgvx2EfKuVR5X8p6_UBTSuRHuM5sXTKq2bX39HmDpn0tPvS3D0IV8_2YCuyMo5LmzyRlm3_HMw8NofhwF-WOGzaeS0F0HxYMv9UPtBVfskrOiQ4GJ_y37rU3fgfzc8kG8ZJPDAgeJOBZh1GYkrRyA4-rGjVpdwWyGcCTbN_txMRwz-qUw6D6rK_TmIJJPHuwbqeBhJ3JGezGsmVA5XXCDIdFgtYwLHo7lU5aE0YGL9aeBuQHxyx5awjJqzGRYl2VJcW_ZQLHUvoTTO-u_m1ipVEyEsQe8ZxisQ4Pm9VOCSSo8HnosQ1zXS7gRYRr6zjfeFCxonfng1mTQVrCyKAREgZI9vkN4S0i8SExGewe_OB1HETYkVO8boeEBYcQKXClaHhhCbNa2VWdVjv16p7l8x8QOXbaUwXmrbdO6anCvuEwAlDBlUvyeBGxK2PrNQY2OanwqRtcLU4KDjgAq9mFiMH7M6VCWpn2vGVZ1voBTGIExcPQrRUqBl-lMGTRdJSu2UWFmdIqZx_dKYOSt71MWCYkXh5KGiQAmbS5qUwCh43xZavk8LyLzigMqDS7vGG1o3i9GjMt_jbr9UhTv70_Bo7q9QHrp4D60eeCrw9myH_Jj5MEkoRhcqVBMKqv7ysB9grkmGVEdpe18cpQx8D8jddH9-o3rnByHG8IOhZ98rJed_viHY_cfFviDvUARpfei_oPPeRU9qYlJ369JDWlws0lK06Z_fIyINZEFx_ORDLfsgKyXtFv251-xj_isEio9xtLZJTIZDY9h0cc-mKu7D8t9OhIKgQYgiLtQcz8ytWmaMiPLEbaAJ4Gp9P-PEhtURs0GUtrJgDV6GUMCJnb4ssD7N_Ci0Pt4YLvlTygPimNIjb-dZwTOZADmzJrU4YBllhFzT0Kb5L3kVjNppFZIazP3Ovzqzw4PQlkRJC4yCr7r7BBc720umi2mv423slqwoBPaDOOEhE0BKVRtZnzXCdWRtLgh341NpB0hfG9560sKWMBe7Elz5JpAjNOTcApkMXQTHK45lb_UfI-g&sai=AMfl-YQo7Rbgte5CTqsQui8pXAFEex_5l08_q-cqSBHJNm_OK8xdDUqMLimvWV8pAaBSKQSvlC3Y-VxR701j9ILofAPxpE54pn37LrT985BhJ-xa9WhoyX2Mq1QZbxdLn-FfpV4Pc09Rh2kMyA6Kym4ZMNKEzqjpyU0LwJmNaA1StXAG5s-tegYCA3Ui5uV70ZvDPmKNfVYCzzqH9ydgtR1mJxYF9z_ZlhjAxh7dM0ie-FC8P3_HWJ79cJl9PP5PvlLURhqBVdDE6apLKM_bh16oih3Qq_-cl-vMG2Gwmd7QJJRBuCMwZ7GTvEIy4PPYg8J6MVrwt9BBGi7rp-IcpqD7DGzX4yyPQfkDSfmtgu4wVmO-2pwLuKzq8Ys_pa-iYo5zvSbrGnTvUxW1ISsai-Aouv7mY_KECnkoQw_IeIZ8&sig=Cg0ArKJSzMpX0g77YdL_EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1101&vt=11&dtpt=929&dett=3&cstd=170&cisv=r20231129.12523&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gsap.min.js
cdn.jsdelivr.net/npm/gsap@3.12/dist/ Frame AFCE 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gsap@3.12/dist/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4e92f6e6e2b83597ba7b902945c88d6104d5fe667023fe596c3d1e8851f574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18921
x-jsd-version
3.12.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230096-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"119f2-r7cRNZS3lGKl+zhWPbdZNkKIkLU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcuDR1umUXWoB6FK50NfsHQF89khAYja8YGOXV%2FdnLTqzFBUiQ2eurFVvPGwJK6%2FVG5%2BLZfhr0mKSn9Wi7DaYtIb2iyMbSgyMsee2IXrUqzFfqNm5uQ82tFBQIci8z%2F%2FJelQ9U8k65six2Q2BgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e9f024ac351c8b-FRA
CSSRulePlugin.min.js
cdn.jsdelivr.net/npm/gsap@3.12/dist/ Frame AFCE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gsap@3.12/dist/CSSRulePlugin.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94872ae5db4922ccb4fd6b2e3f18cf7c47414b5c1d98e557d9f81b659d417af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36303
x-jsd-version
3.12.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230068-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"70c-3DJxRUGKsII9tm0Bp9C9aC7/nXk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VzOsdTxDXaYKgAut9yI1g5EUrdelOooGFmmkrCHW5eOl9%2BOS6BozWOlBYSFTBUebO8lEyz8tCyR8oD9rg3hXiLE52j3m84ux0NRytbhjol6mo9XQ%2BcWLvUjJao11znl10f43AgrMrNb%2FGkrl3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e9f024ac361c8b-FRA
13dc9848.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		669 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/13dc9848.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
4b912a7d.jpg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/4b912a7d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5802303b9ccdf0b4467ff1ae855be9c11c828cbce7fd50ba1eaf5f3054ed1d10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132096
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
d25661c1.jpg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/d25661c1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1005b3e1ab9a4aa88173b46f7f5bb31fed73febbf284e208747aee3adcc72917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142945
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
d8258194.jpg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/d8258194.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc2da81ab8ef5ad2f7ec130839c737920e77e72c4ff41d8defbcefc32307610c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173449
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
bf66f24d.jpg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/bf66f24d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4daf54bb3f598c4894ae3d9bac6d7f89e3b90e149e066ed6c1c77b86a04c4004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132703
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
4332eb45.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/4332eb45.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2343
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
f378cfc5.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/f378cfc5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2433
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
31152810.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		302 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/31152810.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
c4359259.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/c4359259.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56129ebb684618a83f504a2f56faef151c9813aeeab813b01f558dd18d72d21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3824
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
0dc94f5a.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/0dc94f5a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46696e0663280d216487088fcc130376c529f9d61aebce74da1d00060b34d70e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7668
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
c7464d32.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/c7464d32.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a640219543552b9a503513d53668e2006cd60167d025951b65261093860e852f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2344
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
92fc6434.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/92fc6434.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1385481bde89fb72becee174c373f77b87a2f9a0545ddc7eefabec1ed244d05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4091
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
f85e8526.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/f85e8526.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3321ff9d756f6c725088270351bbfeef99e1a50896f5efa234604df3f8201fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3539
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
18756aeb.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/18756aeb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1a83faec3a4f10627f16aab4ee05193df339f097599d301068bfc6bc4355284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6470
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
27fdbe51.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/27fdbe51.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ec63003de6ab39bdfaf3713098ec254279750f54057033c63ef403ea4a3052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1586
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
5fe96f6c.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/5fe96f6c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b1bc589e4403cbfbe7752a126e8e221c484e63ec89c5f2136fc5ff07a4086d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3131
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
d3ce6798.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		820 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/d3ce6798.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
470
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
1147abdf.svg
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		769 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/1147abdf.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
401
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
43c27d80.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/43c27d80.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8545c2f56e060e0c83fe6eb8a8b938b126d95604be24e2612aec3fa57bdfceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3335
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
35104133.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/35104133.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf92c37a0951e11d7a73739952d7c3f28f93074cbc580a6438848d63a3e6fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6589
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
0f373144.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/0f373144.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
c8840ccb.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/c8840ccb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
fafe24e5.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/fafe24e5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbe36a52a118e3e2b89e8b2447fd8a9b0be2bbd1effa20c4acd921104155487b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30467
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
58b40b2f.png
s0.2mdn.net/sadbundle/7949160850625921024/images/ Frame AFCE 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7949160850625921024/images/58b40b2f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53834650d96086e5649d18d0f9396e16734c6c963a036dd2c8ab005b2a94506d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7949160850625921024/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:19:47 GMT
x-content-type-options
nosniff
age
79524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89615
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 10:17:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:19:47 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 1DFF 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 20:47:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
128238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 20:47:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6339 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 08:25:11 GMT
logo.png
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6339 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/logo.png
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:04:16 GMT
x-content-type-options
nosniff
age
80455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8111
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Nov 2024 10:04:16 GMT
60015186_20230202011701910_award_logo_970x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6339 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011701910_award_logo_970x250_default.png
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:21:16 GMT
x-content-type-options
nosniff
age
39835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2309
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:17:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 21:21:16 GMT
truncated
/ Frame 6339 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
60015186_20230705095301550_970x250_GV70_DE_image3.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6339 		265 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230705095301550_970x250_GV70_DE_image3.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b88bd321cfa7cf0330e624f517ef6530c4ecf2dd4036f2031b5452945a6dde46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=x0rcV3kKlN&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:03:49 GMT
x-content-type-options
nosniff
age
33682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271556
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 16:53:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Dec 2023 23:03:49 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 62A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E91E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4530 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHLPCLDhPpaegL-j7IELph_k_ydMcUnzgIbIionsEwuPeLFHH5weRo6ci-ZWAiT5gPbRKOsi2iyA1JbVISpMBCDXy0d4kP9iBddhvN9uX_OuwtLJNo7TtIsPGWP84FmmgkuvMUSeN6CQe6&sai=AMfl-YRulqoDU6uYOdraV1nlxI7u3iVmqsQmYXdjwzhEfyuB9HCgqoGgz0tSlYljmnDS93SaXOqqejAcYhkvoEFc4ZjRiSVnpUpdMslIUScKpcLfR1m4gjxGLU4EWofse0mRFW9IPmmRiQ&sig=Cg0ArKJSzEY4zESO6Z2HEAE&cid=CAQSOwDICaaN5B4kd7Nm1N5z6hiJVIGkQ2uoAbNwp-3n5uJ7TvOB7O50iuBQO4AkR0_f1nuxvhKYsy48B3a2GAE&id=lidar2&mcvt=1026&p=1163,297,1253,1267&mtos=199,785,1026,1133,1133&tos=199,586,241,107,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1364334729&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701419109874&rpt=321&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C785 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjunbHpLSIltUIEdoOlV-Sl_VneHMPq6RMQ8m7ikcyiU-cGZyDu48zE9D1w1ErnJFoMRSXYL3DIzf7NH3-IePzvy3sUnzWXetB2F993itP4C_vv5hJeXyU5rCv11NlmGpXdqsGFIo0HsQM&sai=AMfl-YQQ8rn6FNSaLiHEvLtztRGt06VdMBnu46S5ONewXD4Rek0fuQm6n3ZeJYlN3tw2oYtPG7Y-AjuWA3ppF8Ffc3kTlLjyIaLRSm3lOEwIN94eG4-Ba75tHfpi0V7-ANKsGM592yCA8jXh3w&sig=Cg0ArKJSzMjWLjVK6q8mEAE&cid=CAQSPgDICaaN07PEXuUZnrT2xficGWiZKxCouIfMu9CYn90DipefQvwXMnxnCPz3sKFNUcAkgBQTgjZ1_HwXwjecGAE&id=lidar2&mcvt=1029&p=153,33,753,193&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=549661912&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701419109901&rpt=346&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B13 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeOfmZZhpZceFFueg9u8PgMim8AMAAAAAOAHgBAI&bg=!w8ClwI_NAAY3kmNgF5I7ADQBe5WfOC4WiRgk5FYFC-190dnI2PUAO3kuDE9agTTYYnXQEooTIzFx4Q31aZltOjPgdCV7AgAAAZpSAAAAA2gBBwoAHJo8fX0_iql1Xz3bYcOeAWjAh7eSGhanD543PtyZAwyydo28eiLY7zmHIoidgzB1m50F9Ep6Y944Cd9J_UtPsuAtfjqdHhzzbb8crUcaiFw9_llQ9cjobubEzvwD-MSOfYONXtiWq6icxXgUJWkEZGkba8u0wvxV4PuvVXfuSHkzbegUK3JMfBGPtuXsHQJMLVRY9MZ4zycPQadZTfts0yod086LQtDPPTTRLkWw-J3wkSAwOlkze4FT9ABZHvAnK8KoA3Rr1hq08UnEbDySyI8Pl5V7DgTX7zZ_3cMYUIvbxpa2m0syrWL7EG0qVzMTV4ZZqMKLwDySl2LvPGReB2HaTl_MxlxHjLAGt9AuYFdgOQrpqtjODTFfkXLSG71kjr8wIhSRkWu-r01piweJbI0Uj0raxJs3VMPSdoFlOGexG68ls_416uqEZBJFsQE9ki3dHhP_tM0ql8LtpoyM0F8q4W_yQlejsyWcFv6jfnlRVlnNDzjzcGdYesr3LTYIU8uM4T_nQKwZWGBjFRId86LK7ZPtJZ_mT4h_QCBx3ACnKG3pKOVaL-fqIFxKHrZS6sv-ZmlnM3qMj0Lf2NHUDxq1rjBDn7nLl7hTL4ag3AWc1Hc09mDBp_WocVbnHMXoBVsjmbPl2cbt6_y8NnKqR_z-CxUynN0xahKwmlSzrCJaZNvwou_CsoiJiN6pXseGG7atglUmPbe9cvaYFa-DCFhFW7IrhN5_mPR2qmT7b8eC2fz_ErE1ApWvu0g4Gu3SfXdjepZRKPmgHBD2oo3lchB8RTiqJlDgyeU7SZu8Sa66FIyX9xYImQ7Dd7FlqXqILgUmlYLDI4qp9D6tRMTpB7c7i4p8ILOkMsxzvD0roRyvvCbSUfjv9Z9_rNCWXMZw-4FbV3Uen2bNLHdojwSdfroAhJAMCvo2-wK06m1FsuAO2nVrEpgXCdCIlOrB2iFUrQ7FYiU73TdW0liCuOulsNCGRalUHamOjJmYj_0CDICFqeHDKV7WqTHyhBrvXCzyx3H8xjmU5ysorMCO_s_VmPDqI1LHwomBGvKMjfgFvCJcHJkzdq6bNtAJt4E
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 54F5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUS2iCipP9Du7LNqlHFji9maxkKfgw0BVHwg2nd5z3GcX1RWbBCyspvtONPJWxmKhLvntxk9jTcDEi6Dan3kKdKqAazsZCwEkI-lzHiXFfKmclt-i14j9TNTf5EJMYoAhiQy6bTNBTI24Y&sai=AMfl-YQHr5HzM6nTWwU-SfLvI2MkXiTdg7yHpQ2ghQFY35Wo9ccJ1GfTBDvn6Hl11tsXL1FhqhKrRhvCmEbw7d7Szyrg1wgppWtAGEhfSClkM_3DwCYA0MOPlOXG-IxyhJWx4R5FYNFwpfGLMQ&sig=Cg0ArKJSzKGLL95NQTtyEAE&cid=CAQSPgDICaaN07PEXuUZnrT2xficGWiZKxCouIfMu9CYn90DipefQvwXMnxnCPz3sKFNUcAkgBQTgjZ1_HwXwjecGAE&id=lidar2&mcvt=1042&p=153,1407,753,1567&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2103359600&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701419109908&rpt=457&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame FD10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu34YeSgUfOexdOCcVTWtpARdpk8gxnxCjVvc-Y3XwvOd6hgvpmPLN05ymoXiZs1h4c4pwZG7Nld5u2SSQob4mVG5CeCPBvUuwNfYnwCLvHWG0UDSzL9RYcmn4RgMjPHgOm_IcF5x62NYmkn3-zUlVtsoJod9NMtNp52Rh2aFYd2derlL_06JOxRUxebRvOng54Ie4hvbWiatR9NO-S_PrIqP2t9ld3kX8NuNhSR_mcVar2OJYBWO_5SY3R_Vp6Mye9utDaNDcE99EpjtICOxi6l0C41x9TN0CdxFgjl9LZR_IsyqTBLS4XS7W9CAhDxFvj6pI7Jge3dENOU2ISN_JlSkzzHL0pTJfvq10IenILdLuAdNjSjQb7HUM2VnqPTDMrw0d2tmvskD0g64Z-mh_pYS4G56VNCjXqPrKkf-Pr-uRZby3bQ03m9LyxcIs-3dB7u0hUXI6T-1FWDJOvdA1ofgnBzvO2SwaA93BAfZaabuVqqpYuJAVEaYrXy6vlbcBdfss-wydiWAp3DSNhfhgd6GhNAWSIPyX-Z01ZWolTTsoxJKufzwdkpvd90B4acx9nHJqLJa2a6Qeh0wcS7NuJ36Ld9l61EvCnOZur_X7pwGA7BrKp2DsnULoQwdo4w4Ew1iL94PJcFf5j00iWLqezS2V9fJzW0KuZGbKBh2h2Xn0caNTt4-3Sz3QchLQ71SO2JhKTdEavptzBtMkkeijxomlXhH2LFSvB1gwS_r0nEIO1zvukIhhALbRcTvALiJiDhW2182v_jyBT7HExUw_Ju9Cqm-za3rcc-3AlOUISsdRw84x6aI7t7vLueurHLJ8s0cQ6EWHjjyMruDl3qYGXuwxfzH6HPipiYoXCSvewKT4gUNClWznJPLv_olERmf29WraSg7C5uoS3ILOz85KCKezdFTMFjNXSJ0OSyv0wzgokOD91skxk1MIjxNCXPhlZnd92w4ruZY0i8ZKEQ6ibzTGSWZ_HdfJcSYJy5tQBYpar17fLp6FI0615rF91yC9EuJrpLj7qeMhecUA9vbm9eerR76UvrgNtI9tNTapNwX8PkWZZ_pau377MN0LSMUorzyGdduJerWJBSfDodPJGDtS-ER3WMTyBBDuX-y54aywmDN9zfMXqfs31VrU8Jq2nWZo3q7jEJUaOyIupUfDWr-GSGwCKUK5aVvHD28AvRosjNtXJPN077oMWTuAwa4GsZNEX0XqKTBwQbi979dXLCfPDACw-1RM20FgBSDn5WQXsKn2sjywZfxhSHe1W4-MoyO_tpGUsBSNbFFQfGfpwSQZIm6VwxIAztITaqg1inQmuiFaElFdFFvDzQ8axfjUAr_k-Qq_FBdXf0EZSoXViYs9TJ_ajXQeK_l5gyulCcQSMv1cIzEKJ-5Az01Ko6SXRQvD4H-OeG0zBLu93djqHmCRNjyY8qtNvyZOHJ7HCsopOKQ&sai=AMfl-YRDGWQP8yHBKLjDaITvbmjMItBZQrtLATxH25Wy2SC45mMK0O3ZQO6_FVnGiZFbcXARw7wg1dO3IJ8MLgFQGn35qdN0R7jbOvtoWaROcClKRwgPvQzNyG9wgf1a8M9wooeA8yJYIQf1xBPY4ra6KmrCl3A-Qp0WHYKZG_E9WveIFAMAQEF1qzYcwokIbiAHqN8blMrtBPsuv2DVmiySF_12fqN8P1l-qO4TTCeRehdq5zgJmLUoO_haTJwafjHNHIDq-0GF7yvM_yiZnA-a2TszU2KkjhZHUcpQFIkVRgYeaB2WAanvLtrcgzNqgL4h2duixdt43shIV9P55lWMsCCSmeJMFASjPJti7FVGNXsdjjhLdfOOnu_WPLyks_CfrygfiEG1GpeJL9DBuSA3cYQfCcnsIFuyQqjebYQt&sig=Cg0ArKJSzNGXVQ1cFpWXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=984&vt=11&dtpt=654&dett=3&cstd=329&cisv=r20231129.76737&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D700 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_6W2ZZhpZaKbI_SU7_UP8Nme6AgAAAAAOAHgBAI&bg=!1Nel15jNAAY3kmNgF5I7ADQBe5WfOB2le5iSg6b8Wqe1nnIMkN5qsQKMhJSpmWcMjGeQhd6GKukatE8SBGZJ3EqsQ3foAgAAAT9SAAAAA2gBB5kDD8ceBUy3PliugIgtGct5RffWEj4qbY9oeTm77UywtbQkr35JhAUPaes6UudW0-SnJ5CqApDHS75oASie30B6ahTcbhjs6xf8r5lbuI5xYdry7TRPTQ2dY52c0p26dblPn7w_drNrpKiYF8JYJWer766htvxiWTTQDQZ2lEBaWXroxXM0BedtgKp3DS-9fqJRMDDRSwysVELL0mupGvmYyRQpX1MU_xqsYNi2f_H5mp1JlFZ0dHP0E_AP0ik8GPltJz3oP2rHzGJzYxPeVj2Us59KjCf5Im58ohDBsx_SWsMa5wphz_hhg13YAZ7bGsgGyF74qWOlgwDcNluKfkjSQPd9oyhhTRImwk5EVD3Z1g5u-dhqgV-1Nsq-IS7oTy1HbuBLjz46suDaUA5QEs-v0C_ohkz08LRvXkqAmewZD8LqQNxlMnP3S-txHkV1lu0vatxlRgd2VEzq79xAy-QSb5lMy2GXqLDmLEnuN4WPeZu8N8eYImLGTjgtRecjceadzbW69Dl2PodF6N-tQ62P6zla54JOwIa9XdJc4Uyi4pGjYUwhOdNxRGyrGFeysso4M3T0MStXEWOW6XZBaZuzCn3seiZXM-CmRbVCeXz0wVOLEvkpCkmHv6bOUH3lDzuj8F6MinTAt9C8b_h3s2Z38TrYOpHLEoc3ybYZJ-wL9FjGbjmhKT20m-dpDtb1BgGtE-QtCZCvTN2ueYfL-GVGaETFg7oas6AHgsnvLVKFXBiO7dquzwv5-sh6ofr2L-sajZ9Vy-KOD0XRGlCwfbXWuo6dC2GSQrEl4M20ATkwx05kRa1Cp57oMEpO8Fbk6_rltF1HFb6MdHrNFlunGECPwVu9c6-kDEAbsnyQ9i0Tv8ZSjEuWgMcoKMdDvEY8xJcRw456YGCGGINxG0Q94eQcfllv7ZkIkQzuDZqBHwVMHCOEoMTQY6p7Ze49Q8HyZE_PJCV0nw91Rb-V2_rgrJTb8boajfBKlgE8cTsMDShixiPn1OPVgAGog2o21dWa0RqRn8YHZT1B1zQEHnMeWodbWA
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26FB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6RfaZZhpZeWtI-iu7_UPqrmzkAUAAAAAOAHgBAI&bg=!XF-lXxDNAAY3kmNgF5I7ADQBe5WfON9R-ZnbBWt3wZCwwlD6HVQH5fA31jHIaGE2YBSsmv6o6qBjKO00PS_8ROlikWLUAgAAAX5SAAAAA2gBBwoAao-OVvUsrv6GX14_wQyYTgOJUHxrNy1OhRntbj-pOpt-x4PBRyZWwtdh4gzvu2f0JyJv8TmcAxY10rII3CTRvOJ8LXR0yc_oG6UpsqGxnSPPGliJqIPEFXdI1CJIG0SZu2indPjJt1LG5QOZAxKPWfWkK9WfFMHQjS1W7UI6zf2gkdjco_DYoJYJZlKDfVXpLVyovrjVDbGWsJilP2-3wPMrkgpUP90Jq3QoNHR5UyfpZONbfI6qpE0frDrj2e57kBvFThz5Z9TJYKAurszAQcNIXC5qinGRweMaT5O_YPiY_AfpQwgwo_Rz8c-oW0CsiMUcXrobmlxf37P5agXrEyHZXhcSSbXtv8bi_s-_t2CazqPIPbDhppQa9jukMZv3H1zM8AwtRJ8TUxMj5XxsAePDWqSbuUmqV9iDh3SZrD621cAt5lUEEzcRGt_SEQXnWgkbDFp9iHoZtUWMLPVrktSkSt7LhUEotZ2fhprIFvHai98HRhgEE1JroIOUNY2XuMfPEEm8CHYZ_jYRALenuWdZ8Tyf64rx2ahgQd2wCADixiL_3Lp1Kwi31g7ExbDvSAnq6h6l1a_Ckc1QS86t31w64OBf4KIxqnN2SIxrc7u3cpV0cJHWgm6dOhWEOxIrOGvPplQG_7g_bVo_0w5HDkXikmeYowvPWFjEB2qaGZBY9qSVKX6TAyIWcSqDkYAyzCqCo9BOBZNyg9t7UIoGIpatasqPxowpcORYf1bKzHYZcGNckLJzhs99xzqRKKwaXpx1cii1M_JulvS8-K4qcqGXQ9dZqFzsBAp0QI7xRvxEUTxIRJC2Wd1_nsut2VgkdTQMfmYWBnAei6ZD6HesiVeJ9DsflseJC5QE9G8PtLK2q1mp0L-9z-DgDqlZuTZP5wrrgkSi8YsaaDBya0eFFNNs-SamllFMnULwdHrm1YtqNlv6bX8m08bcB3jsQ8BePd0DwyV2jQdjLV0rx6Eh-DnFR2Yl3nP4wFeC2GnF8c2v2-7u_CbIbYy-uBcreNnsZMrxz1Ssu_Ox9X3Q-l9VyjMQAzbFJIgu8licQcZf_co_vX_EHFgy4WWVW5HZk6pKmRr9CRte890YwhGskjuGcuEyd5n-9uUnugTmEww7KTXoJN-Fjb2RQDFfJgZ5oqJukRQCB5OnA7jNJCodQxNrHtzr5VFAOKX2YYeVH8xeflU
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B98 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJk_6ZZhpZaGbI_SU7_UP8Nme6AgAAAAAOAHgBAI&bg=!zs2lzYLNAAY3kmNgF5I7ADQBe5WfOPwqz-Ntny4NpuOPl5oLdGSzxqjSiqGgseREfbPrivjrT2xyL97i-_p_OoR_95GFAgAAAXBSAAAAA2gBB5kDAPOPuJxTi85kttZTi8A_UZCmjIKXu4huKJr0uf-ygFI-nDVaRXHm51uwLXwxF97bdYes1i7oe0hlGmhQx73roYL6rSzWN2_WUL12FzD3-howZpE844Zlo2jtsf3tue_e2pNE9ihlaidkpGPYOzBFFrx5rnBCR9CgJCVCP3NQVj7iFMEj9_HfqTnABZzRONlVVl767v4hYQCSDTIKVDYUE_GC-Ci2F4d-xAXbiAe57hTcWaFngjlAq05-zLJu1Cwx7ip3efDpGMY7pIBVxVnCIrsx4vWaTDDjcuoKMFkVJ1w63bFmkYUxhElpBfcV8-8PBryHLrPA4OcGeFvN4jjqlsIS3YPiZeaOlsZcctlki1bUbX8ad0T4VJoeLRbdUtaTMDHEeOzu8HxhdOfrbrggoADLNRx3k26FB1MU-XA5M8JXXfEqcdYYd7Ne-kd8LWs_fFcNadNGoQ0vHktPF7DITVDQg5jhLYmK6kAEF9WTukbhnA55C3YGZFjPOKZ2rDwwaUqSb1Uioy-UwkULvdlQGcs5Vo1dclOo0AB-vHpGL4Em8jus5mzHhgx0SEw3XAox5-h30qCsuTxpvwYWEUbLRGUCw4N8hJ6H33Vv_2Zt0uUdMnIXmUoaprCQ13ayUaPS9hSZvyFGOi_lheSx0o8OXfENItQcUez6LSCAQ8IA8UnYd02OUr4njbiMauqNqDYl0KPb3V-BLcMJOfh6ZTYHwjFC3SqMmBGICBtkHgM83sZCHJp3-YpS13-zu3uWPwzMsJI02B1RkyhGzJPACl6qBBu1jcuVDN-0TIvKq7o9A5-YuvU3iuhOtU3B8felICJ1K8J03zBkorEyz2c5PKDgUAcm9iBUbPX1B_dfXEwpTg8sGjGlcPEpm4MPQi1AuYk3ZZ7pn2Iu2_siWxUG_ONDUgmZBQlkPX0osTaD_nRVy0mXP8zKFVVGhQ1lkb0538_rzAqxD8ejhjTyDMAkwIB43Nv1xFdWL5YhpiNBTFUdWxCxJrbMdxyKN8JAW2idtHvSCw
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 62A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4Q7qZZhpZZenI7eU7_UPu5ObsAYAAAAAOAHgBAI&bg=!EBOlE1zNAAY3kmNgF5I7ADQBe5WfOCGDPZdIcrNgI2IUk3qaIK6bjr7w1iUCudMmFhagRB0lx6dIUk0eg3ktrCkD-ZM0AgAAANVSAAAAA2gBB5kDCE5ivRnRIxUl95QEYQKZAxUjOOYI079QcSThTVks6Sr7wddtcnnxKflLJSgpy6G3PoTelg_ssMSUu31165Uh5Me4ViyO1g_t2eSDC8Y60O1iHMpM0lDJQxR8jTebfL_0rZ1mpwx_9r-0bSoEyBURrX5__vJfXi8ZC5qCcEACNmAApyxqv4Q3VupLl_lMf6y8X_1m8I-eMJEaWb2jeRCe0W6xV8NQXU435Jf3pEigGrAnBse3nqf0F9DDk0qYP3NZ5PTAHqtoqb9zdw0l0nkdscOGs-oa-JQHadoGAEij8bTT5WRf5yRR8RYdAvnjNr-yT75u9SkFgY72ndA_REcEZtaV5XJRJaplpS1R9hIB7XqdOZ0OCdVYhImXt2TLRCSr5tOGR4RINjhuLbCOUwD2i9YPDC6dI5skBIxYuJdQhGdmZ_LepE4AgAjq9uN6PVU3V2onPD0RwtP1fxHBjjv-0X41WGJ91v2MTFiZK3rBSdv_PP_t7kSzvqJrJnEtJede3tl0ZEee6HjB4uGtgPGefSRdnOdPcoj4-cWYc7Ub_LBz5tUdqFZ2M2IcrfM52iazeWMmQ5WdUPofiXwmQphoreJWgq9qOSIPMkptR6f9kqht7evh13CDghmihhGQl4rORlGye51aCSOHbNfxs28njpNj-yBMkWrCWFUuZ9ZUir8QUg-nuxs3q7nXhyH9SBjl1q7Mw0LvY1pF4ALOoaTFu3uGgVW9thnGaK_pljP6fe-Ah00e6CXuFesqB_agRq012cVXS5BHdBHEE-jn1w45ttMdvUF6Ya8RKhvE9emaEhhGyP9b5G2tRlZgx9E3rkqboh4JqJquAyZCYXddMm7beLuLgQ0hjh7KsT2oN7nvVBbfAR4iW3ndmEajkB2ftcO8hraOzvStQWMGO8QojayoL_bk3NE5ddBDdkwbKu3aQ0x3Ebk_VcadpIO22Wy7t6pthNVsZy8FaGpSDxsBprXx9fVVUK5YlOTa9JJA6DHp0Mcp693ewa4Cq4xP9LdRmITQyV8hMx9bqNLT
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FD10 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1a_c-icFseUHAQyl_KwwlQxdAoRWs3gtXvgmJUpvmiVgvVJWS7XZzjZegIOkgBNoouniXXcfSvXl-EXAacwc9_JU7mQy4RytdBYRnTT3m2tJBsDlWFmXvOK12zMj_BDe238RxfmiTZm3J&sai=AMfl-YRCUSszgSSI1LcGcL0X-7REcZG6CyEv8Fo8OeT5iHdLhNm0gCWvY4Wh9QgKZ4NqGvdjZs8Dj0WYMeehLD40o8RReCrOomitHVidj6XHB5bG3tWFlnbnCfeF8f63aBVdXmdDPUWaBg&sig=Cg0ArKJSzP8RweOej1GYEAE&cid=CAQSOwDICaaNgK4vH08I4ha6NWJMgpuaMpLHFsSvslV2QoHvkudNAiljtrMObSiZHJ1XK8CP3i5EXSpkxYEsGAE&id=lidar2&mcvt=1000&p=154,315,404,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2226852388&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701419110221&rpt=797&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dw-check.html
experiences.mrf.io/marfeelpass/statics/ Frame 8DB3 		0
0
style
accounts.google.com/gsi/ 		533 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-txIXOSf6yj5Sx8ZpkH5vVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'report-sample' 'nonce-txIXOSf6yj5Sx8ZpkH5vVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Fri, 01 Dec 2023 08:25:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
005a69803d92e25f4a96e845e34171ebfcfb375c8be11fc40b3502f4578b473e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12463
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
782 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4153
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 08:25:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A0C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:02:50 GMT
expires
Sat, 30 Nov 2024 08:02:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A469 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9234774404abc50f39d579d52e342427c4f56e30bd79c996c2cc099ecb52066c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UkubKIwO76lUI17K1Vm6XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UkubKIwO76lUI17K1Vm6XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 08:25:14 GMT
expires
Fri, 01 Dec 2023 08:25:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6A0C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 08:02:53 GMT
65698819d956d933.jpg
icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/65698819d956d933.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b538e29203bb3da693676943205259a8542010ce97109d725c97374265e4df
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
4133
cf-polished
qual=85, origFmt=jpeg, origSize=107785
content-disposition
inline; filename="65698819d956d933.webp"
x-msg
resmio-server116
x-request-id
6kUIw1oP1JjSMhnZjZEIB
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 07:15:53 GMT
server
cloudflare
etag
W/"0ERS41hcIdR-dZMWyh7Q2FhrCYI3meJWS6qHG-F2OB0/RIjY1Njk4ODQ0LTQ5YzA2Ig"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0dee9957-FRA
expires
Sun, 31 Dec 2023 07:15:53 GMT
6569886186b13209.jpg
icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/788x450/resimler/diger/kok/2023/12/01/6569886186b13209.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974307dba184c3a2f4351c7c665d0f7a998a058ff4511fdbe8ea90f9922922a6
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
3996
cf-polished
degrade=85, origSize=119461, status=webp_bigger
content-disposition
inline; filename="6569886186b13209.jpg"
x-msg
resmio-server116
x-request-id
n6DSIiv5vRGctRC4d04cZ
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 07:17:04 GMT
server
cloudflare
etag
W/"0ERS41hcIdR-dZMWyh7Q2FhrCYI3meJWS6qHG-F2OB0/RIjY1Njk4ODhjLTEwYzE0OCI"
x-resmio-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
82e9f03b0def9957-FRA
expires
Sun, 31 Dec 2023 07:17:04 GMT
6569960b0bc74694.jpg
icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/6569960b0bc74694.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fc8990bf842fe1ba82dfbeba8d3a02c41bcc25dffbd0c128ed4bee9a8c9758
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
470
cf-polished
qual=85, origFmt=jpeg, origSize=38884
content-disposition
inline; filename="6569960b0bc74694.webp"
x-msg
resmio-server116
x-request-id
7O-c4c-H18hUGb55vNtzX
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:15:23 GMT
server
cloudflare
etag
W/"X-f4-N6ChSaAIQl_g2O_xZ7C3jK1oP44sYnVqm_fjiE/RIjY1Njk5NjM1LTMwNDEwIg"
x-resmio-cache
HIT
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0df29957-FRA
expires
Sun, 31 Dec 2023 08:15:23 GMT
65699459c470b595.jpg
icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/382x450/resimler/diger/kok/2023/12/01/65699459c470b595.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda90a5ed7ead09c45123ca900d69de8b1f53b9d0889f310751435011853cf8c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
974
cf-polished
qual=85, origFmt=jpeg, origSize=36571
content-disposition
inline; filename="65699459c470b595.webp"
x-msg
resmio-server116
x-request-id
IwUgx0Fds16rOyV8EW9Hr
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:08:06 GMT
server
cloudflare
etag
W/"X-f4-N6ChSaAIQl_g2O_xZ7C3jK1oP44sYnVqm_fjiE/RIjY1Njk5NDg0LTM2ZjY1Ig"
x-resmio-cache
HIT
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0df49957-FRA
expires
Sun, 31 Dec 2023 08:08:06 GMT
yt-home.svg
s.ensonhaber.com/assets/img/ 		31 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/yt-home.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
103892
content-length
15522
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Thu, 12 Jan 2023 12:28:36 GMT
server
cloudflare
etag
"7b20-63bffcf4-248980f56cff858b;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f03b0a79373d-FRA
expires
Thu, 28 Nov 2024 04:14:55 GMT
wp-home.svg
s.ensonhaber.com/assets/img/ 		41 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ensonhaber.com/assets/img/wp-home.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-encoding
gzip
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1805023
content-length
20870
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Fri, 20 Jan 2023 23:35:42 GMT
server
cloudflare
etag
"a586-63cb254e-3fab314fac59889a;gz"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-esh
js gnc cdn
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e9f03b0a7a373d-FRA
expires
Thu, 31 Oct 2024 04:23:11 GMT
656981cba7028158.jpg
icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/656981cba7028158.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3dbdd932f77bdca914a0820f99fe53bce850869ad0da3fe597861695145625
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
5650
cf-polished
qual=85, origFmt=jpeg, origSize=13186
content-disposition
inline; filename="656981cba7028158.webp"
x-msg
resmio-server116
x-request-id
XnNQ6d_TZN0jvTL0nMqZd
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 06:49:05 GMT
server
cloudflare
etag
W/"bP3bfIvuky7BAtHHywf7bQ1Z2qCH8_--P0NKVpECFs4/RIjY1Njk4MWY2LTNlYzQ1Ig"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0df79957-FRA
expires
Sun, 31 Dec 2023 06:49:05 GMT
656973a511cac747.jpg
icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/656973a511cac747.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f395431b55d1cce24144b0ebe34911a92dbfebc73c9416c6cef5ccdef3ad8b
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
9293
cf-polished
qual=85, origFmt=jpeg, origSize=8708
content-disposition
inline; filename="656973a511cac747.webp"
x-msg
resmio-server116
x-request-id
hNPUM7Hw7kvBerIJZvEAy
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 05:48:30 GMT
server
cloudflare
etag
W/"bP3bfIvuky7BAtHHywf7bQ1Z2qCH8_--P0NKVpECFs4/RIjY1Njk3M2NmLTIyMGM3Ig"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0df89957-FRA
expires
Sun, 31 Dec 2023 05:48:30 GMT
656992599f485232.jpg
icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/656992599f485232.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb438a7a9dc06b660f26215f0bdee1ad2f60fc9bdc107029de7702ef6d85caa2
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
1175
cf-polished
qual=85, origFmt=jpeg, origSize=10616
content-disposition
inline; filename="656992599f485232.webp"
x-msg
resmio-server116
x-request-id
26CbKCFP2okLIyEmWLREK
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 08:04:08 GMT
server
cloudflare
etag
W/"bP3bfIvuky7BAtHHywf7bQ1Z2qCH8_--P0NKVpECFs4/RIjY1Njk5Mjg0LTJhZjNkIg"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0df99957-FRA
expires
Sun, 31 Dec 2023 08:04:08 GMT
65694b4f021e8951.jpg
icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/320x180/resimler/diger/kok/2023/12/01/65694b4f021e8951.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb74c625aacd12e19d45ab43921b2922d239458058428ef1cb510c6875d504ba
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
content-security-policy
script-src 'none'
cf-cache-status
HIT
age
19491
cf-polished
qual=85, origFmt=jpeg, origSize=13207
content-disposition
inline; filename="65694b4f021e8951.webp"
x-msg
resmio-server116
x-request-id
vVWe2eOqyW_3jzwVD0S17
cf-bgj
imgq:85,h2pri
last-modified
Friday, 01-Dec-2023 02:56:28 GMT
server
cloudflare
etag
W/"bP3bfIvuky7BAtHHywf7bQ1Z2qCH8_--P0NKVpECFs4/RIjY1Njk0Yjc5LTMzOGZmIg"
x-resmio-cache
MISS
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-ray
82e9f03b0dfd9957-FRA
expires
Sun, 31 Dec 2023 02:56:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A469 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=2262118106955386&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je3bt0v898969204&_p=1701419108872&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=387768742.1701419109&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701419109&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&_s=2&tfd=6085
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 08:25:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6A0C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tlZY6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 08:25:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKow13fzhBOgf6PxnM6zIeQ&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFWyccoYfKFseYUS9oTI0VY&google_cver=1&google_push=AXcoOmRr2IUna9_2idpOBmiigqek70rzOUMh1oDaqBKqsmyrfArmG5GOKQSQ4BWVsOsWwwLNizSYZuvUTZjQS8Cj_tnv71W7weQgyQ
Domain
experiences.mrf.io
URL
https://experiences.mrf.io/marfeelpass/statics/dw-check.html?v=5
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=2262118106955386&bg=!wsGlwY7NAAY3kmNgF5I7ADQBe5WfOFjz6g9zDOacsWGOAhckklkLPX6nLFl-YxxPdZjinyH3MiBP-ks7kGR9HafDcxszAgAAAFlSAAAABGgBB5kCzPd973aDm1EADSzJuNiYJJhvvGZauKkev-aGKAaU0RMqozbb6H21TO80iAvrSxdz8txAl18jziqU0xa_YGKW9OQT8v6pdgNV7WFt4Ahw7hPI4f-VxbVG5Xdnw7PIOFp7p37WHMWMdcCsA3Mg00LhOQO8lNWAf17-K4B21qR6zCQXcOGBsSPaOpoWZIXCsy-ui23s9EvrKTS3jiQdmaR6K8Zew3Xw6f1cJjMrEh-vYL6fFYpYCkFIYo0fQgdvK37zBC_JpikZW3st2PGfUy3Kb4vq7YyIyiTFg_EBUvS-PcXtpejwzWWRJ_lCQl04aCw3MgrxcJLIY6FtCpYAiWc5d1ej-K84bhb-ODmCYalg52Was82N-bMONKhDxRnWZG7pmCH8lh46FjoNclS3zxykbgT7kVw_ktnRRYTAo8f8GHQOyJoHzQSDFCIAb0m98PQLrQU8WzPLtzWHu_8mosuMVdgECsU1CHu-T6GNotrNZBsd_7_ewUGo_TAE793KHZGztVW94u4NfEvOIS0veV-UTjZFLV8RDnUPj1HAn8WLmPAtxfMfZB9QHzS9oTBCdhixSciyBXIfXYcYrKz1uO9xyqsp5U4dYMv4kzMH5jBohfp7OfkNAqh8P10dh6I6PVKkaF-tzCmvlYf7nj0MJMkZM6D5E7xG9g7bwtubpOKKhzxbU-lEJCsGLBti_RRnhgFtaQ1nNnM0EoDdHnzxuXjeRmfasFmzmaPD__FDS27et5AjZNQJyXztmTuUVFfU64FIZYvGqdxlS_nlpmvzpYi16PqitvHD2-knHbgfrZS-aWi3i3J9ubzI5qbIrrew-BvmC9b-KRLuStHi6kK37HJ8I8lDVhAWt7gfTIU4dXMXN80EHYWD7IRJo4rJcsF7CIetihxE9pC6FRbnYKNTWatrRg-qH0Of2erhkhNiSjXoFc0q73HGhg32heKTHSWx

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture string| eshpage string| gtaregeting object| mastheadConfig object| theme object| dataLayer object| lazySizesConfig object| pageskin_sag object| pageskin_sol object| masthead object| anchorSlot object| interstitialSlot object| adConfig function| loadAd object| observer object| googletag object| config string| cssContent object| styleElement function| ScrollBooster function| detectMob function| randID function| gopos function| hideDynamics function| isVisible function| toggleMobileSearch function| toggleTheme function| loading function| loginModal function| mainMenu function| hideMenu function| menuStats function| closeModalDialog function| modalDialog function| getCookie function| setCookie function| siteSearch function| searchForm function| scrollElem function| closeUserMsg function| fetchRelatedNews function| globalCanli function| cookieMessageInit function| closeCookieMessage function| push function| pushClose function| Swiper function| lazyDynamicNews function| getLazyNews function| loadHotnews function| loadRelatednews function| homeWeather function| generatePeekID function| closePeekItem function| peekNoProgressBar function| validURL function| observeAndLoad function| toggleNotifications function| openNotifications function| closeNotifications function| modalButtonClicked object| lazySizes object| firebase object| fetchRelatedNewsData boolean| fetchRelatedNewsWait object| peekconfig object| header object| overlay string| host string| hostname string| href string| pathname string| port string| protocol string| search object| leftslider object| rightslider object| google_tag_manager object| google_tag_data object| marfeel object| ggeac object| google_js_reporting_queue object| default_gsi object| _F_toggles object| google object| closure_lm_289500 function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO undefined| google_measure_js_timing object| google_reactive_ads_global_state object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __G_ID_CLIENT__ object| GoogleGcLKhOms

40 Cookies

Domain/Path Name / Value
.ensonhaber.com/ Name: _ga
Value: GA1.1.387768742.1701419109
.ensonhaber.com/ Name: _gcl_au
Value: 1.1.1361652251.1701419109
.ensonhaber.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1701419109%2C%22currentVisitStarted%22%3A1701419109%2C%22sessionId%22%3A%222c1a07f6-d6f1-4e1a-82e5-6c18051c828a%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.ensonhaber.com/%22%2C%22referrer%22%3A%22%22%7D
.ensonhaber.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1701419109%2C%22userId%22%3A%22cfad1b76-0915-4fc3-b0c3-8c76e030be27%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1701419109%2C%22timesVisited%22%3A1%7D
.ensonhaber.com/ Name: compass_uid
Value: cfad1b76-0915-4fc3-b0c3-8c76e030be27
events.newsroom.bi/ Name: 4153_u
Value: cfad1b76-0915-4fc3-b0c3-8c76e030be27
events.newsroom.bi/ Name: 4153_s
Value: 2c1a07f6-d6f1-4e1a-82e5-6c18051c828a
events.newsroom.bi/ Name: 4153_lv
Value: null
events.newsroom.bi/ Name: 4153_ut
Value: 0
.criteo.com/ Name: uid
Value: f890605c-7c03-45fd-bad7-39c92b7419cf
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.ensonhaber.com/ Name: cto_bundle
Value: JqQ99l9SRnhSdEpnN2JDM2l3QmN0Q1l2NE1BM2IwMzZVckVNcWZwTUdZam1vUU94U0hHc0ZBb0VXall6aDglMkJVcUEzSHhyeWNCUmZ3Z0pkVldWYUlpY0VuMzZBTlhaQ1RIMXo4TkUzQ0dWVWJNMlVsY3g4JTJCdFU1OE9WTElNTElBRk9KdUxvSmxVanE2MFBMQ3BRNzZqaVV6emJnJTNEJTNE
.casalemedia.com/ Name: CMID
Value: ZWmYZfDtH4Y4n8z2qSz4ugAA
.casalemedia.com/ Name: CMPS
Value: 5241
.casalemedia.com/ Name: CMPRO
Value: 5241
.adnxs.com/ Name: uuid2
Value: 8856700369391489265
.csync.loopme.me/ Name: viewer_token
Value: 221023f1-eb21-4494-b6a5-ec33f10b82ae
.doubleclick.net/ Name: IDE
Value: AHWqTUm8JCU-hEhE9z6XVrN8O12ngrCaD6fhcNXVYaiTYWjQGP-ea-EuChi2_RMToAo
.ensonhaber.com/ Name: __gads
Value: ID=5e6b46a8352d5f9b:T=1701419109:RT=1701419109:S=ALNI_MZ74-KfAQGqxG8ARJvmwDrxqTWgyg
.ensonhaber.com/ Name: __gpi
Value: UID=00000cffaa413a33:T=1701419109:RT=1701419109:S=ALNI_MblNLRSPsZnJ7poKbTGUTeFasU_WA
.3lift.com/ Name: tluid
Value: 1248906391702306364387
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A0ADA269-F978-40FF-37A6-BC7358996509%22%7D
.w55c.net/ Name: wfivefivec
Value: gpoqqh9O1R8YPI5
.adform.net/ Name: C
Value: 1
.ensonhaber.com/ Name: _ga_3G92ST5T0Z
Value: GS1.1.1701419109.1.0.1701419110.0.0.0
.w55c.net/ Name: matchgoogle
Value: 5
.go.sonobi.com/ Name: HAPLB8G
Value: s86212|ZWmYa
.adform.net/ Name: uid
Value: 9052701490850462084
.adfarm1.adition.com/ Name: UserID1
Value: 7307539434251090066
.ctnsnet.com/ Name: gid_CAESEPVJBmLrDnBt7SoCH5OdqEk
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: awntuJyOZbSFoJTyBr0uRuyLZal461Uu4EOpMOjBV8rT3VJ1ccUx5Gn45ROg6IMp9yMRtUL2yZb24SdKe7HdQ6awxg3
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?cnP.MH!]tbPl1M>e)ZlrFUfJ+tGXxoXU%aehU>`ekPut`GQ9?/.DX=7pYZS5JgBywD3If)y3KL9D3I?+Xh8(jN
.yieldmo.com/ Name: yieldmo_id
Value: 3zEEMqqnn7qLjo9D1e3q%7C1701388800000%7C0
.ctnsnet.com/ Name: cid
Value: 93fd95fbcf5e4bc0937bcd3c97abcea4
.ctnsnet.com/ Name: gid_CAESEOK-3QZWfwCHtFC_jCOWJnY
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBGaYaWUCEAEGT8_lQ24spgoBIU85MlwFEgEBAQHpamVzZQAAAAAA_eMAAA&S=AQAAAtMclp3b19fQeIgtVSnYONE
.quantserve.com/ Name: d
Value: EHUBCQHHKoEA
.quantserve.com/ Name: mc
Value: 65699867-28b12-fc781-82e05
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWmYZwADqWSZrwBd

4 Console Messages

Source Level URL
Text
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEKow13fzhBOgf6PxnM6zIeQ&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEFWyccoYfKFseYUS9oTI0VY&google_cver=1&google_push=AXcoOmRr2IUna9_2idpOBmiigqek70rzOUMh1oDaqBKqsmyrfArmG5GOKQSQ4BWVsOsWwwLNizSYZuvUTZjQS8Cj_tnv71W7weQgyQ
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.p.analitik.bik.gov.tr/tracker1.js
Message:
Failed to load resource: the server responded with a status of 504 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
accounts.google.com
ad.doubleclick.net
ads.travelaudience.com
ads.yieldmo.com
analytics.pangle-ads.com
api-stg.ensonhaber.com
c1.adform.net
cdn.jsdelivr.net
cdn.p.analitik.bik.gov.tr
cf647515a230ce988505f10c99dc78b8.safeframe.googlesyndication.com
cm.g.doubleclick.net
cms.quantserve.com
cs.chocolateplatform.com
csync.loopme.me
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
events.newsroom.bi
experiences.mrf.io
fonts.googleapis.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
icdn.ensonhaber.com
id5-sync.com
invstatic101.creativecdn.com
match.360yield.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.ensonhaber.com
s.tribalfusion.com
s0.2mdn.net
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.search.spotxchange.com
sync.teads.tv
tg.socdm.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.ensonhaber.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cs.chocolateplatform.com
experiences.mrf.io
pagead2.googlesyndication.com
sync.search.spotxchange.com
104.18.36.155
124.146.153.170
13.248.245.213
141.94.254.117
142.250.185.102
151.101.130.49
162.19.138.119
178.250.1.9
185.102.219.172
185.102.219.173
2.16.97.41
20.127.253.7
2001:4860:4802:32::36
216.58.212.130
2600:9000:211e:8800:1b:5138:8a40:93a1
2606:4700:10::6816:3e4e
2606:4700:10::6816:3f4e
2606:4700:3033::ac43:9fa2
2606:4700::6810:5614
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2003
2a00:1450:4001:803::2006
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200d
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a02:2638:3::3
2a02:2638:3::c
2a05:d018:d29:3602:8101:fe84:3355:65
3.121.34.204
3.33.220.150
3.75.62.37
34.96.70.87
34.98.64.218
35.157.73.176
35.186.193.173
35.190.0.66
35.214.190.111
35.227.252.103
37.157.5.132
37.252.171.149
51.75.86.98
52.19.30.140
54.229.213.176
69.166.1.66
69.173.144.138
72.247.154.226
85.114.159.118
005a69803d92e25f4a96e845e34171ebfcfb375c8be11fc40b3502f4578b473e
006c11801498d00e265218ef1381e075df6db8c7a05bd79b9e229b1c605f74b1
01101a9e16410c658785cf02cef1cf585f629c7bec2f186ff14d88a5917a0c47
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0a908ce2d7b4e2dd9efeb3ee51a66beb39b7ee38fd9b2ba0969ba95a69ee1271
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c
0e4e92f6e6e2b83597ba7b902945c88d6104d5fe667023fe596c3d1e8851f574
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1005b3e1ab9a4aa88173b46f7f5bb31fed73febbf284e208747aee3adcc72917
102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61
1328840860b4b87eb959dea24e913a4bf0a68c1117c8e2e7d1e2d18198e2f751
1385481bde89fb72becee174c373f77b87a2f9a0545ddc7eefabec1ed244d05c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283
1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d006b8e18a5756196c8a3f18ed9ccb0da3bc0f8def44cf6489db4b1df0ad4d7
215c28667055c88261d05e89d47bbd3eb1ad9c1be720e372cafcf0328b6d6866
2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e
23f113d1a132cc49f5b3afca61a8fb4a05c9fb90efbca4fd66d9249fab206c62
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2b1bc589e4403cbfbe7752a126e8e221c484e63ec89c5f2136fc5ff07a4086d4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2df5e79fca419ec357ab909bc4b775580a5181fbd44449775d4eaa9b88654133
2e126140f908fe288b51b2b69ac970ee9daa6ccce1cb97235cd8d76908cb8196
31482a807201349a8714c2e3036907585f8f37a698afbb9ca7c0042b431b35c3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b
32f395431b55d1cce24144b0ebe34911a92dbfebc73c9416c6cef5ccdef3ad8b
3321ff9d756f6c725088270351bbfeef99e1a50896f5efa234604df3f8201fcd
34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3
377831a803b7529f26225ca7133c9dbf4637016bef350074a6be6b878308bddf
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b
3e7d32f77b5aeffd20611cb815452bd7bb24395d42add8fb2e6d118c0605482e
416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46696e0663280d216487088fcc130376c529f9d61aebce74da1d00060b34d70e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4daf54bb3f598c4894ae3d9bac6d7f89e3b90e149e066ed6c1c77b86a04c4004
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b538e29203bb3da693676943205259a8542010ce97109d725c97374265e4df
5266b9481b658a49d04acaf818e3805171a1d85724d499e754c02166b4e51fe3
53834650d96086e5649d18d0f9396e16734c6c963a036dd2c8ab005b2a94506d
53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb
548b0cabeaa9e5c55e15b5867c4fee085797c9fba5e2fcc666edde7bcbf02571
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b75489567bb0113c5462bf5cd8c63df39682d7ec2663e95a9896ae0565d422
555ed6cb3cb90591bf3def916ba208cafc830119b100866bfb7fa7fa2bf3fe9c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56129ebb684618a83f504a2f56faef151c9813aeeab813b01f558dd18d72d21a
575822b2804b6d5e6b6785e31411223f56a77e4c80d7588ea8a5d3ed06404700
5802303b9ccdf0b4467ff1ae855be9c11c828cbce7fd50ba1eaf5f3054ed1d10
583a10f9d0dda0fc52a22676914b9ed37bac133b2531c30655452cf377b084bf
592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286
596b58883adb8e4a8849dca9654eaec8d2a22416ce3fd06eb7af97aebd433886
5b8986a00d1cd29bc24e3c88128f04d469cc220ad8f332247c4e5d6aada4793c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620b6bc178d60dd299a57c3ff39c1492e1c3b58ba68b0fa967991c29997a391b
649b3cde87ad9baec799a5b088cd2cec4d68b8868cbd91f6696b3ebe0c3b8367
65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead
683bcc856c3a05fd1a12828feaaadb7a83619a48930199449d6b596a60bfeeff
6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018
6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140
70be47680e5d628453d5e75232dec767a3814dd1d4971050dbea16f917029461
74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f
768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1
78b782b91c45c43eac2c6f7660a1821bdf8f4f10c5992c04aae9906d12ba6777
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
7be998be6dd2d82c7b9dc63aedc09f1e8e123734838486cf63f584b421f2d39b
800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
8847afc82a8d5058a7c37aa267e32e7fbc070fd743cb257586f762c81c897ebc
892166f2b76359864825c6cdf11229dc21595a0d919ddfe0e2cae8eed7609fe6
89fc8990bf842fe1ba82dfbeba8d3a02c41bcc25dffbd0c128ed4bee9a8c9758
8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b
8bf294349d070c4ba6a83aa927d51ff121273a919dcdd2424bdd09a1f5b1bba9
8d25d2177d8bf2fe3b5cefca6a6e826389be717772a67a266d279eb956d03173
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33
8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9
90f44fce82f3098c0f8088916772a9b9fd52e26748fe0276632a9387b16dac13
9234774404abc50f39d579d52e342427c4f56e30bd79c996c2cc099ecb52066c
9282d5ef118e11b4abfa56df1d3ee6583370b58a0042f77f5184b03560faa7ac
96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88
974307dba184c3a2f4351c7c665d0f7a998a058ff4511fdbe8ea90f9922922a6
9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a65e59f7f296627e91073a87fa73f44c3d2a1043b371a3a6f351942605930
9c7141fe23f59efa506ec5a07a1f3d36625f52ac1e3b8906a64ed72c5ca57aa6
9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a640219543552b9a503513d53668e2006cd60167d025951b65261093860e852f
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a74707ecacb51717158bbb7206f7bc42401e3f07f99c443ee2988b1867d93400
a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa
a90995f201bd4460525c21769631f948f93222bc7631a67a3f8566361e49788c
a938f8c9ca3e8f804e7a30a2dbe31f3e8e3903f7c419d20bd5d2bc268368b6a2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae69d2e3a6f95278996651707732ed33adcd20ccd812b45f5debee570cb84dd8
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a54f5996cb3b7c7b098d1ebc1677ac959b33c61856165a2f81bb3bb073f020
b3fcb145e00de798e8976d93f6a311404b3ea28d209d7d96c89e7310612f8841
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b8545c2f56e060e0c83fe6eb8a8b938b126d95604be24e2612aec3fa57bdfceb
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b88bd321cfa7cf0330e624f517ef6530c4ecf2dd4036f2031b5452945a6dde46
ba262a411917050efe3a8d72d08446dd5e9b532105c9268fa464af7befbc7502
bb438a7a9dc06b660f26215f0bdee1ad2f60fc9bdc107029de7702ef6d85caa2
bb74c625aacd12e19d45ab43921b2922d239458058428ef1cb510c6875d504ba
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bc2da81ab8ef5ad2f7ec130839c737920e77e72c4ff41d8defbcefc32307610c
bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b
bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed
c101fb15121b377002af89db37e1ff8f72939ff805900850ce4fced8135341bc
c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4ec63003de6ab39bdfaf3713098ec254279750f54057033c63ef403ea4a3052
c773e00ac3d661c83a858fa400b1d4cf5fa1750298aba65d351db912346fa2b9
c84e6d30301cbe4a30801d17c0d7d04c974cfea0b092a71e545563a5441917b0
c94872ae5db4922ccb4fd6b2e3f18cf7c47414b5c1d98e557d9f81b659d417af
cadbece3de4d0e57e2742c4689b75636f3168ceccc93b478b6d9e0ed1980c166
cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d6976017d0b42dee0a8c12f85e66c19633d8bc28bff3b3f9d358f65792ef8208
daf92c37a0951e11d7a73739952d7c3f28f93074cbc580a6438848d63a3e6fc4
df1be142e3f233ff481679a602ba8dd069a25811e848f168d6481cd0fb4c1950
e1a83faec3a4f10627f16aab4ee05193df339f097599d301068bfc6bc4355284
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5672ab6f990ab8b4ad27206f33f66377f72ac8d316a4df00895088befa33c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979
ea3dbdd932f77bdca914a0820f99fe53bce850869ad0da3fe597861695145625
ea7a657582d65aa1783672d99830e44ee628b90b8083f0882601ea3cac6c5436
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb91254646813129be203fd6f7b4dd84c7fe44426444d2c6b223f77d0f823062
ecabf6dbf8b0fc70d6d9d8454de272143040e1eb704dde48731de99ba36d84b8
eda90a5ed7ead09c45123ca900d69de8b1f53b9d0889f310751435011853cf8c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f087d2e739e1940bae65c7ad89ef73550fe5b6d2cfc3562f5fa68724aded0f1e
f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f2bc09b81a009c9a8f1b37e7d0b55d0bbe051805a53fd6b84b28404e9adf8897
f6ed170d4de33a423918b098ffeb9f8c89ec6ceb6b7916aa1556e123852ea202
f855ee61724770bdde2006342251ad5abc34b24a7fcff6a5546b728ce7287cd5
f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e
f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea
fbe36a52a118e3e2b89e8b2447fd8a9b0be2bbd1effa20c4acd921104155487b
fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3
fe5e1beba978b812fa319fc949a5d4e0f51faffc91edac3dddb11a43ba3d50cb
feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441
ff8da3684d0923a44a325c26bb248205a9d9956d00249ac4d955392064bed016