www.ensonhaber.com Open in urlscan Pro
185.102.219.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ensonhaber.com/
Effective URL:
https://www.ensonhaber.com/
Submission: On June 21 via api (June 21st 2023, 7:45:06 pm UTC) from DE — Scanned from DE

Summary HTTP 323 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 47 domains to perform 323 HTTP transactions. The main IP is 185.102.219.173, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.ensonhaber.com. The Cisco Umbrella rank of the primary domain is 147427.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on March 31st 2023. Valid for: a year.

This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 76	2606:4700:10:... 2606:4700:10::6816:3f4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	185.102.219.173 185.102.219.173	60068 (CDN77 ^_^) (CDN77 ^_^)
9	2606:4700:10:... 2606:4700:10::6816:3e4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 28	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
10 40	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	52.208.62.81 52.208.62.81	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	52.51.35.255 52.51.35.255	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3 3	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.156.175.114 35.156.175.114	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	54.229.165.108 54.229.165.108	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.55 202.241.208.55	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	52.196.178.144 52.196.178.144	16509 (AMAZON-02) (AMAZON-02)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:2246:a800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2600:1f13:800... 2600:1f13:800:7782:b239:61ed:349f:eca6	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4009:832::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:10::9	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	72.34.250.75 72.34.250.75	27630 (AS-XFERNET) (AS-XFERNET)
2 2	63.251.14.60 63.251.14.60	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
2 2	3.77.213.116 3.77.213.116	16509 (AMAZON-02) (AMAZON-02)
323	50

76 2606:4700:10::6816:3f4e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.102.219.173 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-102-219-173.datapacket.com

www.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:3e4e (United States)

ASN13335 (CLOUDFLARENET, US)

s.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-stg.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 142.250.181.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 46.228.174.117 (United Kingdom) 7 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.62.81 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-62-81.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.51.35.255 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-35-255.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.160.23 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.175.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-175-114.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.165.108 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-165-108.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.55 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.178.144 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-178-144.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2246:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1f13:800:7782:b239:61ed:349f:eca6 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4009:832::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:10::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lznes.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.34.250.75 (Beaumont, United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.60 (United States) 2 redirects

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 60.14.251.63.unassigned.ord.singlehop.net

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.77.213.116 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-213-116.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	ensonhaber.com 1 redirects ensonhaber.com — Cisco Umbrella Rank: 102678 www.ensonhaber.com — Cisco Umbrella Rank: 147427 s.ensonhaber.com — Cisco Umbrella Rank: 259491 icdn.ensonhaber.com — Cisco Umbrella Rank: 153780 api-stg.ensonhaber.com — Cisco Umbrella Rank: 236648	2 MB
78	googlesyndication.com 1 redirects 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ade.googlesyndication.com — Cisco Umbrella Rank: 321	468 KB
65	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359 bid.g.doubleclick.net — Cisco Umbrella Rank: 807	393 KB
25	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 957 static.adsafeprotected.com — Cisco Umbrella Rank: 628 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	204 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	1 MB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	9 KB
11	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 59 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	78 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	76 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	279 KB
4	1rx.io 4 redirects sync.1rx.io — Cisco Umbrella Rank: 618	3 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422	8 KB
3	media.net 3 redirects cs.media.net — Cisco Umbrella Rank: 1628	3 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2458	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	2 KB
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	448 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 772	1 KB
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3871 r4---sn-4g5lznes.gvt1.com	1 MB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	797 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6896	907 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	953 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	529 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 867	89 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 822	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 635	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1651	1 KB
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2376	606 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	315 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	310 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	146 KB
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1089	411 B
1	turn.com d.turn.com — Cisco Umbrella Rank: 1463	398 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8176	44 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1091	1 KB
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 689	606 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 846	465 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	54 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572	362 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1042	245 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 116	265 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4835	455 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 3582	4 KB
323	47

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
43	icdn.ensonhaber.com	www.ensonhaber.com
40	s.ensonhaber.com	www.ensonhaber.com s.ensonhaber.com
39	cm.g.doubleclick.net	10 redirects 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com googleads.g.doubleclick.net
28	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com tpc.googlesyndication.com www.ensonhaber.com s0.2mdn.net googleads.g.doubleclick.net
18	dt.adsafeprotected.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
16	s0.2mdn.net	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com www.ensonhaber.com s0.2mdn.net cdnjs.cloudflare.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.ensonhaber.com securepubads.g.doubleclick.net
10	googleads.g.doubleclick.net	www.googletagmanager.com www.ensonhaber.com 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	www.google.com	1 redirects www.ensonhaber.com 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com tpc.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.gstatic.com	www.ensonhaber.com 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
5	www.googletagservices.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com www.ensonhaber.com
5	www.ensonhaber.com	s.ensonhaber.com www.ensonhaber.com
4	googleads4.g.doubleclick.net	www.ensonhaber.com
4	fw.adsafeprotected.com	2 redirects www.ensonhaber.com 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
4	sync.1rx.io	4 redirects
3	static.adsafeprotected.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
3	cs.media.net	3 redirects
3	match.360yield.com	3 redirects
3	sync.targeting.unrulymedia.com	3 redirects
2	x.bidswitch.net	2 redirects
2	sync.teads.tv	1 redirects 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	csi.gstatic.com	www.gstatic.com
2	fonts.googleapis.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com www.ensonhaber.com
2	ups.analytics.yahoo.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
2	a.tribalfusion.com	1 redirects 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
2	ssbsync.smartadserver.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	tr.blismedia.com	1 redirects 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.ensonhaber.com www.googletagmanager.com
2	accounts.google.com	www.ensonhaber.com accounts.google.com
1	ade.googlesyndication.com
1	bid.g.doubleclick.net	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	sync.go.sonobi.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	d.turn.com	googleads.g.doubleclick.net
1	r4---sn-4g5lznes.gvt1.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	ajax.googleapis.com	s0.2mdn.net
1	cc.adingo.jp	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	cms.quantserve.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	match.sharethrough.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	s.tribalfusion.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	rtb.openx.net	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	mug.criteo.com
1	lh3.googleusercontent.com	186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
1	bidder.criteo.com	static.criteo.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	www.google.de	www.ensonhaber.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	api-stg.ensonhaber.com	s.ensonhaber.com
1	ensonhaber.com	1 redirects
323	69

This site contains links to these domains. Also see Links.

Domain
videonuz.ensonhaber.com
ensonhaber.me
www.youtube.com
wa.me
youtu.be
t.me
twitter.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
*.ensonhaber.com RapidSSL TLS RSA CA G1	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: 6C1CD5D607D56F0007D81525DAD9CCF4
Requests: 123 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B4B1AD1048644F7295FD65FBE00BEA7
Requests: 1 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 139475D9AFA5C5A75B9206F75D07D98A
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com
Frame ID: 5AE3C34D47F19B5E996B538F942727F5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E28B673236299A84DB87BD945B98365F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0AADE5B6F8BA11807D16BF5999D3A33E
Requests: 2 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C687D60A0BE2D14619516CA1DF8BA5E4
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D4AFD9E64DEE24F3B42A338D85B9D869
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFB97D08202CCAD0979E271A57F54566
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNWl2F0O6BytnrBlWK9L0lGTIzs8ifHtmtPZ9RRrhUvivu7iz9ioo_Sh5r-cfmBSYi9zKiSoHhm3xoiMwZ2J9fvRCgOBeX7ap3vJNeMP3tpqxaRCR0jsvdxV4GhMNCbkgk5bJAWiIQybmEqj5OF6QrnSkusjaySav2INHWYd8n2dfRC8kNIBkNM9uY305YfP7aI5-vTh
Frame ID: 109895F6F74307665145FF6EFDB53FD5
Requests: 5 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74EB7AE4215E75FD57E4FC3D7BFC36DB
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNWAXJ7iO94sLJm1gQ_39I5CjGsUb9lxHmkFbqphe2HqZB-t6fHOC0r6H4HcmkT1nIWzP8wQ1iMsYNf8H4DZzzYj2ZBkEUtCRBaFI1dYsJQXkoF-1emAbcWGNBIC8-mKDvjSYfJEbQ4369gXoBbmZyViwaDHFBsEasKWWXQZDuePXY2IsGf4z6QUBIgCHl8tzhCCav-A
Frame ID: 496A1521D772A56FF7B42925556F068A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 651E1BF902DE71772C008E95A9C978F0
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/index.html?ev=01_250
Frame ID: F08A56E7955723B5EC1396EB5E53767D
Requests: 49 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3FCA612E6F2622F6CF8B2C2D3143974
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 858DED6362CE70BFE5D8234AD946402E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DF2FFCA301101E64EF06024A997FDB4F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
Frame ID: 86DF68F5ACB9F6CD5B8BB4E8901A3FE2
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CED591947E1F743083AD26CE1D72BA7C
Requests: 1 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ECD19BEEC140C19EBF4ACCFBDE6DEF91
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019
Frame ID: CDC3ACD59C1205823E12DE8E64EBDE88
Requests: 14 HTTP requests in this frame

Frame: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 18B18BF8A9B020B86A2437C1763B3715
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM66ChD5_-oBGJ6DrZkBMAE&v=APEucNX8-Sty815iI67TAS0lYM0x8rnPBff243ksoJ27xeHqPSsNn0JTt3XwVdAz0eYDRzmol5sDx-ekxzNgB9WBu4GeQvKqZ9t0gYXSG8w2Vx3yE51G3ki5ihLXFrqibGZmgw64Q8gE4Z_N59wOVxhLm7mgKRAlvhApszqhzGKmmvl6qSuUwCwJBHHORlC8h-VDZ57Ab9cv
Frame ID: D518A8728CD21E5956E7EA5E27F74BFA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A0B89FC0345F036BDAC6BAC1B1EB639F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js
Frame ID: FB9C85F12D63609ACDC8B97144E5FA95
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D309CE32788A17121C18BD9C981A90BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DAA644E54CF2C9E52C4CC5DD2BC64B91
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js
Frame ID: E195448884EC95044C822BD59C0290B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8057ADB1737FC3ED33BBAA3AA8BC4B31
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ensonhaber – Son Dakika Haber, Güncel Haberler

Page URL History Show full URLs

https://ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

323
Requests

88 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

50
IPs

9
Countries

5808 kB
Transfer

10954 kB
Size

41
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://videonuz.ensonhaber.com/
Title: VİDEO

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/v5
Title: bitexen

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12o
Title: Halkbank Parafly

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12h
Title: İHH Kurban

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12z
Title: Veni Vidi Göz Mayıs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZHf28-BG2Pz-UFqYJiZBeg

Search URL Search Domain Scan URL

URL: https://wa.me/905333782000

Search URL Search Domain Scan URL

URL: https://youtu.be/2vnzyTtec4w
Title: Sinan Akçıl: İleride Türk gençliğini temsil etmek için siyasete atılabilirim

Search URL Search Domain Scan URL

URL: https://youtu.be/ek6JvpUIAAU
Title: Cumhurbaşkanı Erdoğan Ak Parti Grup Toplantısı'nda konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/YweY1muIdh8
Title: Sevda Türküsev ve Miyase İlknur arasında Kılıçdaroğlu tartışması: Yayını terk etti

Search URL Search Domain Scan URL

URL: https://youtu.be/d35_kl9UFlc
Title: Ekonomi nereye gidiyor? - Faizler ne olacak? - Dolar düşecek mi?

Search URL Search Domain Scan URL

URL: https://youtu.be/rtUGIfs4f70
Title: Kılıçdaroğlu partisinin TBMM Grup Toplantısı'nda konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/eIaGVxwBcIc
Title: Devlet Bahçeli MHP grup toplantısında konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/k9zMlAVwr_A
Title: Kapıdaki tehlike: Kızamık

Search URL Search Domain Scan URL

URL: https://youtu.be/dzSwDTM60YM
Title: Muhalefette sular durulmuyor

Search URL Search Domain Scan URL

URL: https://youtu.be/2qKTVdu9oDI
Title: MKYK'nın ana gündemi deprem bölgesiydi

Search URL Search Domain Scan URL

URL: https://youtu.be/xt9IfnEEGas
Title: Cumhurbaşkanı Erdoğan: Enflasyonu tekrar tek haneli rakamlara düşüreceğiz

Search URL Search Domain Scan URL

URL: https://youtu.be/wSuIa-cY3Ro
Title: Caddebostan'da sorduk: CHP'nin yeni genel başkanı kim olmalı?

Search URL Search Domain Scan URL

URL: https://t.me/ensonhaber
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/ensonhaber
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ensonhaber/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ensonhaber
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Lra7RnxsS1pFdW5GczRQQWluQ0NYZU1uc2lVOGMrYkU0NmRRWFprUUF1UjAwS1Z6ZmJtSDlqM3lvL2JNVmFHOGp2ZVRvR3FqL1cyRGpLRkZnSk04alpRb1BSZ1JYYWN0S09VUDROZEk4TVJ2V2lRaEFHUTR3bnBuZFRPMUo1RDZtMU9GY2ZONFRKbUlEbGp0QnRGd2FhTEJyUTBUK3k3aE1QUlhib0d0VnVsamdjM09PYmh2MGRqT2FSUUtVOU5Xd1VPblBtWGFYaWhzb2tzWERtcE1FWVVhR25lZHA3eVlHb09ZMUtmcHQrNVZXTmdoU2IvRktUNlpONERyQTVydzNLZHhCaVVvQ3BqV1lrLzNmWitLZ1pEUGpvTVpyQlp4ZnRXNHdSSk1teXdSR2t2UT18&cppv=2

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 154

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBc1DfHLCHX98AbBmXWxZ7g&google_cver=1&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0NdMmu3fnAZh_I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0NdMmu3fnAZh_I

Request Chain 155

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTOLuWw8q6ikAoqGC9pqZY&google_cver=1&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm10NrgKSJX9oB4S-3ofC0i HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDTOLuWw8q6ikAoqGC9pqZY&google_cver=1&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm10NrgKSJX9oB4S-3ofC0i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMyNzcwMjk0NzQ3NDU5MDEzMg&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm10NrgKSJX9oB4S-3ofC0i

Request Chain 157

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMj6WlubfMy0AbJSlTgOJGQ&google_cver=1&google_push=ATf1kGNmLWnlAFF74O7itZ2Zf5R_dPVdEuGyzDZh-s9zwy2YtlIrePoHnSClD5HUkd3y7FI_HHOfFX5XEL8lanrWBfvTI-p7yGo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMj6WlubfMy0AbJSlTgOJGQ&google_cver=1&google_push=ATf1kGNmLWnlAFF74O7itZ2Zf5R_dPVdEuGyzDZh-s9zwy2YtlIrePoHnSClD5HUkd3y7FI_HHOfFX5XEL8lanrWBfvTI-p7yGo&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E7lFpLLaSmuI9FMpY8Sa8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNmLWnlAFF74O7itZ2Zf5R_dPVdEuGyzDZh-s9zwy2YtlIrePoHnSClD5HUkd3y7FI_HHOfFX5XEL8lanrWBfvTI-p7yGo

Request Chain 158

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEa6kNsxkiGiwpdZ1qfyVuw&google_cver=1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1687376698674 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj%26google_hm%3DA52DkGDZRUnhlXtDSRAjt00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&google_hm=A52DkGDZRUnhlXtDSRAjt00

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1&C=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqIoS2AHzViaxL5bGTXAaY%26google_cver%3D1

Request Chain 165

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnzNgjwBIdzN0ZzC-HvPCQ&google_cver=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

Request Chain 192

https://a.tribalfusion.com/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 194

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENdX7Y-fWR7-fscuWYCzpyQ&google_cver=1&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAKstTRfdgIRQeA4D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAKstTRfdgIRQeA4D

Request Chain 195

https://match.360yield.com/match/ebda?google_gid=CAESEGbsf3GJzjLeJmAso9aMp5E&google_cver=1&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0GqM7AMa HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGbsf3GJzjLeJmAso9aMp5E&google_cver=1&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0GqM7AMa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0GqM7AMa

Request Chain 196

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJbEH75sMFzmQRgUGWAEN4Y&google_cver=1&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst&google_gid=CAESEJbEH75sMFzmQRgUGWAEN4Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUxMzUwNTAxNDI0MzU4NjE5MDc0Mg%3D%3D&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst

Request Chain 197

https://cs.media.net/cksync?type=g&google_gid=CAESEO3SdMGe7lW-xeFJ11eHuH0&google_cver=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS4119-ffHt6Xhc2O_Sfj-Amu7CI0KM20YNSl22MwpRgMNpZfsR7_Qgexwzkf88-cOfESd3pML HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS4119-ffHt6Xhc2O_Sfj-Amu7CI0KM20YNSl22MwpRgMNpZfsR7_Qgexwzkf88-cOfESd3pML&gdpr=&gdpr_consent=

Request Chain 213

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZvvnVAhhIFeCHasokMHUM&google_cver=1&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJXh0y_iSSPy8qGg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJXh0y_iSSPy8qGg

Request Chain 214

https://ads.yieldmo.com/exptsync?google_gid=CAESEIh2f99rAHjgUyoygY3JUbE&google_cver=1&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw&google_hm=ZzZhMWVmNjQxNGZjYjc5N2QxOTQ=

Request Chain 215

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHiBWBlHRBXA5n4sSJNTzLE&google_cver=1&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk&google_hm=WkpOVE84Q281c0VBQUgyNHJqc0FBQUFB

Request Chain 217

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBz31Qr7jREC5BAceJQmP5Q&google_cver=1&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDAFATyMv1oepeXHRahBPzUQ-7wezeYE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBz31Qr7jREC5BAceJQmP5Q&google_cver=1&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDAFATyMv1oepeXHRahBPzUQ-7wezeYE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IRGFILkg5RTJ1RzI3QWhGZmJEYlhMV0pZbzk1dWtna35B&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDAFATyMv1oepeXHRahBPzUQ-7wezeYE

Request Chain 222

https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20006179863&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iQtXWvnzALQcN97jhmJ6fE&adContainerId=brand_safety_OlOTZLn5K9aSjuwPzMiA0Ao&cbFunctionName=goog_wrapCb_OlOTZLn5K9aSjuwPzMiA0Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:554ce6f0-f7a4-acf6-e706-66167dc6d35e,c:gcGcu0,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5958d7d477-cbxgj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:25,oid:1aed372b-106c-11ee-bd14-7ef38c2dde8a,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_OlOTZLn5K9aSjuwPzMiA0Ao&cbFunctionName=goog_wrapCb_OlOTZLn5K9aSjuwPzMiA0Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js

Request Chain 310

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgkYbgdBDJBxjJBzIIqWnyyRJSLAI HTTP 301
https://tpc.googlesyndication.com/simgad/16477835166902256783

Request Chain 312

https://redirector.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=4041096EB13EEFEAD3F57041154500A8E09F45E2.17CE877AD403C664DF1F3693494AB1588C553EA1&key=ck2 HTTP 302
https://r4---sn-4g5lznes.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=58613D12E3C4FFDCD8F1379FEAE5FB345688C680.0449B0F1F8EE06163B716E06F39A53E2D74FCBFE&key=cms1&cms_redirect=yes&mh=7P&mip=2001:1b60:1010:2:1011:4f0b:3c6d:a4d&mm=28&mn=sn-4g5lznes&ms=nvh&mt=1687376180&mv=m&mvi=4&pl=29

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEJxlvooEO73Cv2a_oiLSQek&google_cver=1

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1

Request Chain 320

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHZpHN0dbqedyv2HfVe7cyk&google_cver=1&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVGY6I2tyTsi60 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVGY6I2tyTsi60

Request Chain 321

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_cver=1&google_push=ATf1kGMKmRYhiHql2I07Ob2UHCfjrDaB-a0v3-WULJ7iav1hGSQaBWNHP_UfqKgDopQWCgaYMZw1mZ24T1u8p6Zja4pMqE04pQE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_hm=ZJNTOi1OBnE07BwZmdww5AAACI0AAAAB&google_nid=index&google_push=ATf1kGMKmRYhiHql2I07Ob2UHCfjrDaB-a0v3-WULJ7iav1hGSQaBWNHP_UfqKgDopQWCgaYMZw1mZ24T1u8p6Zja4pMqE04pQE

Request Chain 323

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPV84rCD8T8U5-eE2GBhj0U&google_cver=1&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPV84rCD8T8U5-eE2GBhj0U&google_cver=1&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA&google_hm=G2sBLGZHqkKHfr1kQ6Kf8Nqe

Request Chain 324

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJXFO8K-Q8uDN8EMhns1fyM&google_cver=1&google_push=ATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA%26google_hm%3DA52DkGDZRUnhlXtDSRAjt00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA&google_hm=A52DkGDZRUnhlXtDSRAjt00

Request Chain 325

https://cs.media.net/cksync?type=g&google_gid=CAESEHWpWkERdnrwkidHNaaJdqE&google_cver=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MNFwGXA2yG1rDUbh_LcsK8Kh5HCQV8thEAkRLXc8THJiM20WxsoeD89wI6XrdNjOWv0rQE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MNFwGXA2yG1rDUbh_LcsK8Kh5HCQV8thEAkRLXc8THJiM20WxsoeD89wI6XrdNjOWv0rQE&gdpr=&gdpr_consent=

Request Chain 326

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOao_rBYZ_egXzC7jz_SNQI&google_cver=1&google_push=ATf1kGM_qAE2IogcdQubix5lryuMaf2IZ91uPj5zja0GVR_RpGMzgWguXeejJfWQPb9RcEfYpZ1yx4ppiL2qPgBXk8TJBys3YA4d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM_qAE2IogcdQubix5lryuMaf2IZ91uPj5zja0GVR_RpGMzgWguXeejJfWQPb9RcEfYpZ1yx4ppiL2qPgBXk8TJBys3YA4d HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 335

https://fw.adsafeprotected.com/rfw/bgd/266706/51196693/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQlRAVWvy_EMFmZ3_MupOcJf3KKGilpR4VqJGYJpYyguWJh-kcS6UzC5av0cLMzPqkimMnd9FiWNvFInQv5ufF-wdnEeyiUGml9CsSmRUAoCZ_4GMenl_muc2MyrPEexbl4srq8ciHPhvdwBs9V7aNvnNW1kDOsI0GzBfPK8fPM2zqNvQ22Bwdoyl6x2BuF0UgxPs-Gtz98hWbcqlnLQcf5egdBYQdDU5cXpVIS2GqUbL2ZbPvuagb-mxjiqxwq8CSWJql0OM88IEr4GcHMvBwERpcbE-04BcN5BkOnvW-5GhX_5H7iQcL4TJNzsBjm3NEb28_pIRpkgYUnpjzFPXq6a28tss9OEBUGozN0F4E4AExkzJw_UJ7MxnbBlIxQ5t9R3ID0GXY83qAtT0TG7NkvRfDAeiGbO-yTvAjY7Vjj7AX6OAqQyXHMdjlABYGyvBtG_Eabp6YdaECYEoXZ_HAEp1Bh3sUUDp1yXa9d3XOsrmaRKpALEbVuZ-NGukdfGzYu8gjqWM7XyL0FWH3FsGzqIYQEx5BatN4JIbJf7LdYDBlIy_DJl_jTFZPVw6vIG98a32f4P945tvC8IaQk9xi8tnkbkq-uUVsUZ6arnmgMU-MiVP8dWh1GOpt6OcwG7tH6mrifNhPfnZoq7rfNSr-K3PDiO3AxiSWlvVSP7SudLNYOA1q9XYpncvGacsPaOMGmW4k6oYkvnFBvK8oTAC0FIiZP9Zp0iQ5vY2JDSvXpAnMnR6S8AiZpBBS6ppZb6tLA68PM6C1OC-MvMKtH3Uj5xTTZL039zwrsn7AASivKhxWZGzX-xlRJnvjz1c-FOBhl-Gx6JCiSmnKguv2ggwBMc8boOOYabs8PUCNmERXoNv371zduINnaxqNwAFDGWCUQ5YlxdbrFyTa3TWRXs1o9HySWu08oe0FZZ5SuS2j7U3KFIjAz8v-iclUlQlRbRjiksZ77qoNaHVYgdH-OyiP9-VS8CaIlUwaC69w-cYKE_lPMqrkFVwj421H1xi5dJ7_tf1diHNFdHjzvmAG6ZTx2LT5MqQdGDOWF3jXrX0vRKSeyugSXk99w1JGPFLCRRihZbkyfNRVqrFzmt5EK4eR0NaYRCQ5KAF4Gndn2gJ_6e-xz4bAmO5XH_CCw0vQzd_ldkfAd2aXOUbWnWU825GwwmTLx6iD-UB1CvdmkECT6SUJQyTH0OsL1xfeYC1n8dGb-pSpcElvAte7bLaMnfBlcEvUFzs-lhiXFrIrnimGNp6p0WMaI1gKF2mgxPiIHHByn5g1DSZZl1pP0oEIHlckHp8Jipz9CNqmZwvv1XrTOkKTdSemUJ-FeBSz4bM4sL-5Q_pJuWsEuTCsf829mMGcfNJR6HqHXL277L6hlooTFzrTTLW4BKpGRfTNTJ6poUShDiCvDjuKUZpc-_xbcC8MWrYU8Caz8Y0oMotXoGY_y7L5smGKE4WjTc6uLfm2TpoWXoRBUsJWzKvilEYT_cHvd12LCh1vTkJCBt85FAk24VhOmt65wvTAWhpYRAQ6s00gvn-rG1GuWM_hc7WNS5-HyB14rpqiUHSQj2Xlo-b7JkRpfHhjzN3Xx3quzB4fH5Jb8YcUmmNdULxUwqrBJscLAPQ4a-Ejsv2bYylB__g1lxAyHDO5KLu46CsRsIo0bLLuMOHQi0k1DXUrvUfAz1rsfGalA_F6Dj8oX7SGI13zB8WHx5fSMWyGRINkHQgw7WlwL7KFpSE1nYKxWXbUDdiZArqw9MstT8JBj-4LaavGZ2BF8w36ggD6AP7cJrQde1kx-2VtklIbPDQYgGBRvmfQBAK2lLN32Fxf_R-Y1dASZKUxBpoOh72YGxKH3v2cUIM0tStvD82VgRY--lPT7GsZXIulDcLsjd7GiNNjyfSWgwJ4Q6OD7VC-XFgRpxqFMsX22I2e85uBP3XxeDCtIDXiGFtV6EhrwBPw5RAVf_vlqHpPgjdKYP4d808Nv0tVmR7clZQbh2U7HkiKosEQmMmjahP4TISmwPJqx0NwZTJlxT332SIfjyuKWBqKsHtzL7IYlcfc8i9Ua6XwpeSRtn8Ld6x4zLhQqlWwmEczHulw8PRm1W2YK-sfP8mpWrAqIz3yLtUs8nt2n2O1wr6SxcefcnsSUe5b9UWnekEUwFyLNvbR4FGIsR1-UK_gJaGepo_P3V6WBPlqgKs1vmKUTFEoRP0RdEzFH95ecCgTqr24priE_72ZReCS69jx4HAWcY7C2q2cMKaNKnZ2NuA1JC9kXxscNjT69wrDhl9FrI2HEpmKd4V3NMWmBuaSIT-ql7WyF-o5f3djVQs6kJ-ozKj9V4RxS5Z5cbRfAJf0b2inI0VISxBQ5vaEKztE3HT83rqxHirAF3ht-L2nQTiax_RAPt1p5cryt_h5z9jUF97wxCU3zK8CS2CgnbuurAoi4uY4HtZ3VGbPnCyWybGp_8u-iZ2NAHCXU_YMUrIxEuxgYhRBKAXQ3y1LSE35fwRsIQh1SQFwku6s6zdv9e7Gutjda6F5JbfFtnPOiAxCl7kv1E73QG0d0-3qImyV8L_xwLgHK7JLERcnX3PKmZHqVxpRKfqN0kYROfOsWpEXZd49QdBrXk-a0H-9Cw8GiqDfrIvEEHJtvftu3kW4UbQLn7tknvqA0EFF0y9_LkDGnoXSPfvIZklyIXxgY5pftVU-i0wgnSm5qlqTI480rzC-W0PD3Yt0CvFUeTcvThwTwHs6-jbhMd0PFgFjM8RH164De4tQ6maMxH3-L3HCTU1uTlZ6DHMFnQrOnE6-UED2L_felusmhnQGHNwZvpgp9VqmZFw3CLkqV5_LEsI3etz1ZhvZQTz4we-XeemOK00mqHHEs0LQr0dOjsee7teLsCTPmwvbvSo4x9d7NHAut1exJfIRCqmbOxSwdPMB-cGmIsg0OFzTrMS9PFhuVK2UEfdEfj8IrDzRDTCslnZ2mMqw1B_Gz0OLtC0hY5YSBCVi5xGPo2i9rqJrFZ8T9q6GvfJ1z32fW4XQHKf-VFxr8IKeeE4cC8aMzIkm1kPI4YjOWcr5PBVGmJon12dHYwcIxezvaaMHEtcotBxN308mBm8DiCm-9tpOHUsa-AQ34H2mjcMJKBsPLzK1chrTOZ6QVq4pDsLV6ni0XVG7cjgw8le3U1ykxcc-VjqR9O7dsM7BLXfR7UCbnOwyeZiwoA0calH4jpjwzr-hGTrNsLFaSD56QIm9QDv075TOOSDmh9saxeNRbxUEmS_0rA1jcmSzHWyTKPD0qHuDYvSP1maDsheT1nb8tU1B1RpWRfyFHSomc5YRudIZZ046i11j8bou9KkZmuohK3rGnVd6r3zdsXzj0QExyU-hfZE5xNB_IRkl0bT2wswvP7PyUHZ_omEIFI7c9UXUcWixSC5-Jsr_KPh4dCZmSyH03Ut0DKyVUP8K-G53Wti2f6-PqhPDF3hA9saI1B1HLIRp85Q3e5sFMr4HJItpcQyTX3lJ7i_Sseajodnv3jtP2DKIsi3FeeYfvlZHNw6uu6pvGGSnSwBUxiMzz57_VbtRuq7dAzFxw1KAikJgepx_aW7YT92JhcWrV18JKP9WxNVWAzjqM79ark6CNWZu53cAnz2LsvYmwcZLBqPc7KRNPEtzQxbyNFTxem_gEEANTapBOx6MkCZzJXEFxS8Hxk2r9BzNzJwk2F29ME_an8h9hHDvc1SAZZ0elT08htVos3j4ZPhMGkIIBBI8AHKBCIOmfmKzbFOwU4l_hf-Oz7YJfJG3xwOI6WKkRIVKTZ9vvqAsTjSSrrK0rdWbycRcd36pFE2YcBB_GAFgAQ&cry=1&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6c2f6b0c-b063-c197-dec0-bfb13af5e5d0,c:gcGcHl,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5958d7d477-lvxpr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:TAqUe1,mtim:4,mot:0,app:0,maw:0,fm:tHQwFGi+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:30,oid:1b5128c3-106c-11ee-8c26-faad8493f79b,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQlRAVWvy_EMFmZ3_MupOcJf3KKGilpR4VqJGYJpYyguWJh-kcS6UzC5av0cLMzPqkimMnd9FiWNvFInQv5ufF-wdnEeyiUGml9CsSmRUAoCZ_4GMenl_muc2MyrPEexbl4srq8ciHPhvdwBs9V7aNvnNW1kDOsI0GzBfPK8fPM2zqNvQ22Bwdoyl6x2BuF0UgxPs-Gtz98hWbcqlnLQcf5egdBYQdDU5cXpVIS2GqUbL2ZbPvuagb-mxjiqxwq8CSWJql0OM88IEr4GcHMvBwERpcbE-04BcN5BkOnvW-5GhX_5H7iQcL4TJNzsBjm3NEb28_pIRpkgYUnpjzFPXq6a28tss9OEBUGozN0F4E4AExkzJw_UJ7MxnbBlIxQ5t9R3ID0GXY83qAtT0TG7NkvRfDAeiGbO-yTvAjY7Vjj7AX6OAqQyXHMdjlABYGyvBtG_Eabp6YdaECYEoXZ_HAEp1Bh3sUUDp1yXa9d3XOsrmaRKpALEbVuZ-NGukdfGzYu8gjqWM7XyL0FWH3FsGzqIYQEx5BatN4JIbJf7LdYDBlIy_DJl_jTFZPVw6vIG98a32f4P945tvC8IaQk9xi8tnkbkq-uUVsUZ6arnmgMU-MiVP8dWh1GOpt6OcwG7tH6mrifNhPfnZoq7rfNSr-K3PDiO3AxiSWlvVSP7SudLNYOA1q9XYpncvGacsPaOMGmW4k6oYkvnFBvK8oTAC0FIiZP9Zp0iQ5vY2JDSvXpAnMnR6S8AiZpBBS6ppZb6tLA68PM6C1OC-MvMKtH3Uj5xTTZL039zwrsn7AASivKhxWZGzX-xlRJnvjz1c-FOBhl-Gx6JCiSmnKguv2ggwBMc8boOOYabs8PUCNmERXoNv371zduINnaxqNwAFDGWCUQ5YlxdbrFyTa3TWRXs1o9HySWu08oe0FZZ5SuS2j7U3KFIjAz8v-iclUlQlRbRjiksZ77qoNaHVYgdH-OyiP9-VS8CaIlUwaC69w-cYKE_lPMqrkFVwj421H1xi5dJ7_tf1diHNFdHjzvmAG6ZTx2LT5MqQdGDOWF3jXrX0vRKSeyugSXk99w1JGPFLCRRihZbkyfNRVqrFzmt5EK4eR0NaYRCQ5KAF4Gndn2gJ_6e-xz4bAmO5XH_CCw0vQzd_ldkfAd2aXOUbWnWU825GwwmTLx6iD-UB1CvdmkECT6SUJQyTH0OsL1xfeYC1n8dGb-pSpcElvAte7bLaMnfBlcEvUFzs-lhiXFrIrnimGNp6p0WMaI1gKF2mgxPiIHHByn5g1DSZZl1pP0oEIHlckHp8Jipz9CNqmZwvv1XrTOkKTdSemUJ-FeBSz4bM4sL-5Q_pJuWsEuTCsf829mMGcfNJR6HqHXL277L6hlooTFzrTTLW4BKpGRfTNTJ6poUShDiCvDjuKUZpc-_xbcC8MWrYU8Caz8Y0oMotXoGY_y7L5smGKE4WjTc6uLfm2TpoWXoRBUsJWzKvilEYT_cHvd12LCh1vTkJCBt85FAk24VhOmt65wvTAWhpYRAQ6s00gvn-rG1GuWM_hc7WNS5-HyB14rpqiUHSQj2Xlo-b7JkRpfHhjzN3Xx3quzB4fH5Jb8YcUmmNdULxUwqrBJscLAPQ4a-Ejsv2bYylB__g1lxAyHDO5KLu46CsRsIo0bLLuMOHQi0k1DXUrvUfAz1rsfGalA_F6Dj8oX7SGI13zB8WHx5fSMWyGRINkHQgw7WlwL7KFpSE1nYKxWXbUDdiZArqw9MstT8JBj-4LaavGZ2BF8w36ggD6AP7cJrQde1kx-2VtklIbPDQYgGBRvmfQBAK2lLN32Fxf_R-Y1dASZKUxBpoOh72YGxKH3v2cUIM0tStvD82VgRY--lPT7GsZXIulDcLsjd7GiNNjyfSWgwJ4Q6OD7VC-XFgRpxqFMsX22I2e85uBP3XxeDCtIDXiGFtV6EhrwBPw5RAVf_vlqHpPgjdKYP4d808Nv0tVmR7clZQbh2U7HkiKosEQmMmjahP4TISmwPJqx0NwZTJlxT332SIfjyuKWBqKsHtzL7IYlcfc8i9Ua6XwpeSRtn8Ld6x4zLhQqlWwmEczHulw8PRm1W2YK-sfP8mpWrAqIz3yLtUs8nt2n2O1wr6SxcefcnsSUe5b9UWnekEUwFyLNvbR4FGIsR1-UK_gJaGepo_P3V6WBPlqgKs1vmKUTFEoRP0RdEzFH95ecCgTqr24priE_72ZReCS69jx4HAWcY7C2q2cMKaNKnZ2NuA1JC9kXxscNjT69wrDhl9FrI2HEpmKd4V3NMWmBuaSIT-ql7WyF-o5f3djVQs6kJ-ozKj9V4RxS5Z5cbRfAJf0b2inI0VISxBQ5vaEKztE3HT83rqxHirAF3ht-L2nQTiax_RAPt1p5cryt_h5z9jUF97wxCU3zK8CS2CgnbuurAoi4uY4HtZ3VGbPnCyWybGp_8u-iZ2NAHCXU_YMUrIxEuxgYhRBKAXQ3y1LSE35fwRsIQh1SQFwku6s6zdv9e7Gutjda6F5JbfFtnPOiAxCl7kv1E73QG0d0-3qImyV8L_xwLgHK7JLERcnX3PKmZHqVxpRKfqN0kYROfOsWpEXZd49QdBrXk-a0H-9Cw8GiqDfrIvEEHJtvftu3kW4UbQLn7tknvqA0EFF0y9_LkDGnoXSPfvIZklyIXxgY5pftVU-i0wgnSm5qlqTI480rzC-W0PD3Yt0CvFUeTcvThwTwHs6-jbhMd0PFgFjM8RH164De4tQ6maMxH3-L3HCTU1uTlZ6DHMFnQrOnE6-UED2L_felusmhnQGHNwZvpgp9VqmZFw3CLkqV5_LEsI3etz1ZhvZQTz4we-XeemOK00mqHHEs0LQr0dOjsee7teLsCTPmwvbvSo4x9d7NHAut1exJfIRCqmbOxSwdPMB-cGmIsg0OFzTrMS9PFhuVK2UEfdEfj8IrDzRDTCslnZ2mMqw1B_Gz0OLtC0hY5YSBCVi5xGPo2i9rqJrFZ8T9q6GvfJ1z32fW4XQHKf-VFxr8IKeeE4cC8aMzIkm1kPI4YjOWcr5PBVGmJon12dHYwcIxezvaaMHEtcotBxN308mBm8DiCm-9tpOHUsa-AQ34H2mjcMJKBsPLzK1chrTOZ6QVq4pDsLV6ni0XVG7cjgw8le3U1ykxcc-VjqR9O7dsM7BLXfR7UCbnOwyeZiwoA0calH4jpjwzr-hGTrNsLFaSD56QIm9QDv075TOOSDmh9saxeNRbxUEmS_0rA1jcmSzHWyTKPD0qHuDYvSP1maDsheT1nb8tU1B1RpWRfyFHSomc5YRudIZZ046i11j8bou9KkZmuohK3rGnVd6r3zdsXzj0QExyU-hfZE5xNB_IRkl0bT2wswvP7PyUHZ_omEIFI7c9UXUcWixSC5-Jsr_KPh4dCZmSyH03Ut0DKyVUP8K-G53Wti2f6-PqhPDF3hA9saI1B1HLIRp85Q3e5sFMr4HJItpcQyTX3lJ7i_Sseajodnv3jtP2DKIsi3FeeYfvlZHNw6uu6pvGGSnSwBUxiMzz57_VbtRuq7dAzFxw1KAikJgepx_aW7YT92JhcWrV18JKP9WxNVWAzjqM79ark6CNWZu53cAnz2LsvYmwcZLBqPc7KRNPEtzQxbyNFTxem_gEEANTapBOx6MkCZzJXEFxS8Hxk2r9BzNzJwk2F29ME_an8h9hHDvc1SAZZ0elT08htVos3j4ZPhMGkIIBBI8AHKBCIOmfmKzbFOwU4l_hf-Oz7YJfJG3xwOI6WKkRIVKTZ9vvqAsTjSSrrK0rdWbycRcd36pFE2YcBB_GAFgAQ&cry=1

Request Chain 354

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDLu4gvwFJkX3TuE3pCRgOw&google_cver=1&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm7ZeF4OJ_4hNPxFnRuqqRYeZQwx5DieUr46hhx4vtgHf71z10X6J2V1mXYW HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm7ZeF4OJ_4hNPxFnRuqqRYeZQwx5DieUr46hhx4vtgHf71z10X6J2V1mXYW&google_hm=hmSTUzpULpZMOZcR6w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6493533A542E964C399711EBBLIS

Request Chain 355

https://match.360yield.com/match/ebda?google_gid=CAESEHMFFqsX7aUkZs60piUGB0c&google_cver=1&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-bl2hzdXIYZaqMQdb-9MqGweKsEG7o21HUGa2JByr2TqxhORamYG0iZwD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-bl2hzdXIYZaqMQdb-9MqGweKsEG7o21HUGa2JByr2TqxhORamYG0iZwD8

Request Chain 356

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBBUGS8MSmMfahlVffcAv6g&google_cver=1&google_push=ATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRxy4tV54hK HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRxy4tV54hK%26google_hm%3DA52DkGDZRUnhlXtDSRAjt00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRxy4tV54hK&google_hm=A52DkGDZRUnhlXtDSRAjt00

Request Chain 357

https://cs.media.net/cksync?type=g&google_gid=CAESEFU8PNWEihtaGJLtYNxMF3E&google_cver=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUduXRIBGIL5HRh-1qvz1h9_V8dUITznFO8CypoiTqrILVdyvcs_kwW610PelyUOTw0rEDn0WwrXpKwFpjsdmqZYe_ie2X7bDi7ko3UbzPh6kBHWvjaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUduXRIBGIL5HRh-1qvz1h9_V8dUITznFO8CypoiTqrILVdyvcs_kwW610PelyUOTw0rEDn0WwrXpKwFpjsdmqZYe_ie2X7bDi7ko3UbzPh6kBHWvjaQ&gdpr=&gdpr_consent=

Request Chain 359

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHfD0wyXeHggjAEwgJQ5Pqk&google_cver=1&google_push=ATf1kGMg9NQqZ1vOf19QYMA0weLdYUiPn_9lQWHEalKohZl7HpLpUesSc2TmZO68Ot-KVRFdrT9NoloKXHM0zDi_Y4hNoqvheLJrvmUh3nvfTdSwqGJenWNghyVW5XfHHXI9Xc10I9Sra2R8BQ HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHfD0wyXeHggjAEwgJQ5Pqk&google_cver=1&google_push=ATf1kGMg9NQqZ1vOf19QYMA0weLdYUiPn_9lQWHEalKohZl7HpLpUesSc2TmZO68Ot-KVRFdrT9NoloKXHM0zDi_Y4hNoqvheLJrvmUh3nvfTdSwqGJenWNghyVW5XfHHXI9Xc10I9Sra2R8BQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d7f616f9-f3ff-4aec-bba8-839d7ec071e0&%%GOOGLE_PUSH_PAIR%%

323 HTTP transactions
56 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ensonhaber.com/
Redirect Chain

https://ensonhaber.com/
https://www.ensonhaber.com/

164 KB
29 KB

112ms
40ms

Document
text/html

185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / PHP/8.0.25
Resource Hash: a615744c7dfb237db4c0ce46629d5298aae24d33f26495051f38801d7f5bc355

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33
allow: GET, HEAD, POST
cache-control: max-age=40
caching-type: litespeed
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 19:44:57 GMT
etag: W/"4973257-1687376663;;;"
merlin-is-mobile-desktop: 1
merlin-is-mobile-viewer: 0
server: MerlinCDN
via: HTTP/2.0 Merlin CDN
x-cache-status: HIT
x-edge: de-fra-dp-s01
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=60
x-litespeed-tag: homepage_homepage
x-midtier: de-fra-lea-s01
x-powered-by: PHP/8.0.25

Redirect headers

cache-control: max-age=3600
cf-ray: 7daebfc4cc2918e0-FRA
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Wed, 21 Jun 2023 20:44:57 GMT
location: https://www.ensonhaber.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 home.min.css
s.ensonhaber.com/assets/css/ 277 KB
51 KB 92ms
27ms Stylesheet
text/css 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57c9aa30eb75613091d6753b26caa6b3a56e24b7326ec4512a2ba17678def7d

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16776
content-length: 52151
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Jun 2023 11:14:28 GMT
server: cloudflare
etag: "454f6-648c4414-1c2131dc75de44c;gz"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63bdb366f-FRA
expires: Thu, 20 Jun 2024 15:05:21 GMT

GET
H2 200 inter-v2-latin-ext_latin-regular.woff2
s.ensonhaber.com/assets/fonts/inter/ 35 KB
35 KB 119ms
54ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-regular.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884385
content-length: 36104
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "8d08-639c9a83-8a94ee445f24e6c0;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63bdc366f-FRA
expires: Thu, 25 Apr 2024 06:58:32 GMT

GET
H2 200 inter-v2-latin-ext_latin-300.woff2
s.ensonhaber.com/assets/fonts/inter/ 37 KB
37 KB 117ms
53ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-300.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 37584
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "92d0-639c9a83-275355ba44709d0b;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63bdd366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-500.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 112ms
48ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-500.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 38652
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "96fc-639c9a83-df183364806ed438;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63bde366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-600.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 115ms
52ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-600.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 38852
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "97c4-639c9a83-c70c6bcb7fd34262;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63be4366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-700.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 112ms
50ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-700.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 38908
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "97fc-639c9a83-82ee2966142daad0;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63be1366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-800.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 113ms
51ms Font
font/woff2 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-800.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 38948
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "9824-639c9a83-d47e4f5f26ad6474;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc63bdf366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 191ms
96ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc9c4bea5abddf9fa6eeb1e26466840f03ce14a936227548b912b09719c9588b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 898 / 19529 / m202306140101 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:57 GMT

GET
H2 200 esh-tag.js Show response
s.ensonhaber.com/assets/js/lib/ 14 KB
4 KB 48ms
30ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/lib/esh-tag.js?r=3.14.62_110bdcf-v2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f43af206870986a648b5db6570c0488ead3ab087202e82168e57a73af4b5124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 16779
cf-polished: origSize=25855
x-vtex-cache-status-nginx-thumbor: MISS
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 16:43:44 GMT
server: cloudflare
etag: W/"64ff-648c9140-600d8002f3582cb9;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebfc5edd218e0-FRA
expires: Thu, 20 Jun 2024 15:05:18 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 192 KB
75 KB 166ms
110ms Script
application/javascript 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d3322d52559907500ad5c9d5ade92451d23a919878d09f5dc24d2852d28bdac

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gW7P6TU-tIjQHJ-nVlr_BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gW7P6TU-tIjQHJ-nVlr_BA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 21 Jun 2023 19:44:57 GMT

GET
H2 200 logo.png
s.ensonhaber.com/assets/img/ 10 KB
10 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/logo.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18716a69ac05e85bcd36f171cf3517c6f86c48d2814cd715b8f212e1f93c845f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 400770
cf-polished: origFmt=png, origSize=14744
content-disposition: inline; filename="logo.webp"
content-length: 9952
x-vtex-cache-status-nginx-thumbor: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "3998-639c9a83-80370abe83dfb67e;;;"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-msg-esh: gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff7d18e0-FRA
expires: Sun, 16 Jun 2024 04:25:27 GMT

GET
H2 200 config.js Show response
s.ensonhaber.com/assets/js/lib/ 5 KB
2 KB 33ms
32ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/lib/config.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2688eeeeb6d99e09adc5d8aeea2963fe4034ca8f98f639f24dea4e0d0f7d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 16778
cf-polished: origSize=8068
x-vtex-cache-status-nginx-thumbor: MISS
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 01:38:36 GMT
server: cloudflare
etag: W/"1f84-6449d21c-29d76f8c661a4d15;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebfc6ff7e18e0-FRA
expires: Thu, 20 Jun 2024 15:05:19 GMT

GET
H2 200 swiper-bundle.min.js Show response
s.ensonhaber.com/assets/plugins/swiper/ 138 KB
37 KB 54ms
53ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/swiper/swiper-bundle.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7461c0051b325805c887adc6357a464dae3efad3720214b91799a501afb62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4886592
content-length: 37667
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "227c3-639c9a84-365ff75c50969382;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff8318e0-FRA
expires: Thu, 25 Apr 2024 06:21:45 GMT

GET
H2 200 keen-slider.min.js Show response
s.ensonhaber.com/assets/plugins/keen-slider/ 14 KB
6 KB 34ms
33ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/keen-slider/keen-slider.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127fc5122908ed58f8a0595d3c00f9202b406d774b2b6ecd834bfba408a374da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 5950
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Tue, 24 Jan 2023 10:59:25 GMT
server: cloudflare
etag: "391a-63cfba0d-c751872e52ec6ffc;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff8518e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 scrollbooster.min.js Show response
s.ensonhaber.com/assets/plugins/scrollbooster/ 13 KB
4 KB 58ms
57ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/scrollbooster/scrollbooster.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 3744
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Mon, 24 Apr 2023 13:24:08 GMT
server: cloudflare
etag: "340b-644682f8-33996e347c569589;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff8818e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 home.min.js Show response
s.ensonhaber.com/assets/js/ 111 KB
30 KB 35ms
34ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5a4091ad723f5a0ee361cb4ec5ce851d11ed195d220647fe3399e0fa9f570a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16775
content-length: 30064
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Tue, 20 Jun 2023 13:22:23 GMT
server: cloudflare
etag: "1bdad-6491a80f-8eb2f34356ebea3f;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff8a18e0-FRA
expires: Thu, 20 Jun 2024 15:05:22 GMT

GET
H2 200 login.min.js Show response
s.ensonhaber.com/assets/js/ 15 KB
4 KB 58ms
57ms Script
application/x-javascript 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/login.min.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009d4ceeb1168ae5d225f0898ba84f53743d9051b32b5a016bc7c867f32f0c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16778
content-length: 4351
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 28 Apr 2023 14:12:37 GMT
server: cloudflare
etag: "3aa3-644bd455-cc120e5c107645f9;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc6ff8b18e0-FRA
expires: Thu, 20 Jun 2024 15:05:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
48 KB 85ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95b3ed6ca635da95502a1f4b0a4e26939a306865e6e090e73eecf40fc3f23f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48908
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 19:44:57 GMT

GET
H2 200 search.svg
s.ensonhaber.com/assets/img/nav/ 503 B
397 B 41ms
40ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/search.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 288
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "1f7-639c9a83-7df830a54a0303c3;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71faf18e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 tv-live.svg
s.ensonhaber.com/assets/img/nav/ 392 B
456 B 41ms
40ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/tv-live.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949358
content-length: 286
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "188-639c9a83-32710c5bc2f0f20f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fb118e0-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 archive.svg
s.ensonhaber.com/assets/img/nav/ 238 B
330 B 42ms
41ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/archive.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4886644
content-length: 202
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "ee-639c9a83-18325224231ec6ac;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fb318e0-FRA
expires: Thu, 25 Apr 2024 06:20:53 GMT

GET
H2 200 theme-dark.svg
s.ensonhaber.com/assets/img/nav/ 545 B
476 B 42ms
41ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/theme-dark.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 1914542
content-length: 321
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "221-639c9a83-d5d50ee83eb5dfb6;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fbd18e0-FRA
expires: Wed, 29 May 2024 15:55:55 GMT

GET
H2 200 notifications-off.svg
s.ensonhaber.com/assets/img/nav/ 1 KB
868 B 44ms
43ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/notifications-off.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949357
content-length: 716
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 10 Mar 2023 13:24:25 GMT
server: cloudflare
etag: "573-640b2f89-b9e1aca0490ef169;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fc018e0-FRA
expires: Wed, 24 Apr 2024 12:55:40 GMT

GET
H2 200 user.svg
s.ensonhaber.com/assets/img/nav/ 379 B
397 B 41ms
41ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/user.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 260
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "17b-639c9a83-5a3c1594c91c1939;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fc318e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 flag.svg
s.ensonhaber.com/assets/img/nav/ 664 B
515 B 47ms
47ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/flag.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 397
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "298-639c9a83-2532c638c956b99e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc71fc618e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 hamburger.svg
s.ensonhaber.com/assets/img/nav/ 141 B
245 B 42ms
42ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/hamburger.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 4949359
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: W/"8d-639c9a83-d5ea281d6f82c105;;;"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebfc71fc718e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 eshicons.ttf
s.ensonhaber.com/assets/fonts/eshicons/fonts/ 23 KB
12 KB 30ms
29ms Font
application/x-font-ttf 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/eshicons/fonts/eshicons.ttf?ncw6hm
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9

Request headers

Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 12530
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "5a5c-639c9a83-56e91538b3845a0f;gz"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc72d0a366f-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 cevdet-yilmaz-ve-mehmet-simsek-baeyi-ziyarete-gidecek_35126123.jpg
icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ 72 KB
72 KB 68ms
47ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/cevdet-yilmaz-ve-mehmet-simsek-baeyi-ziyarete-gidecek_35126123.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2091cf995fc533dc55280f08dd7145512f4362a849b749227d02d97643ae695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 520
cf-polished: origSize=76402
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 73609
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f25638a50dd41a01f35f702c1bff0ea652393042"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583b18e0-FRA
esh2: 788
expires: Thu, 20 Jun 2024 19:36:17 GMT

GET
H2 200 veni-vidi-goz_1f684123.jpg
icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/20/ 52 KB
52 KB 60ms
40ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/20/veni-vidi-goz_1f684123.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49acbce18de283ee4d071ecb179378db91393dbf7ac081da6c321f866eed7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 82006
cf-polished: origSize=56679
esh: 382
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 53505
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a1d494578cfa560a440ee74933e732a6f9271b20"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583518e0-FRA
expires: Wed, 19 Jun 2024 20:58:11 GMT

GET
H2 200 turistleri-titanikin-enkazina-tasirken-kaybolan-denizalti-icin-arama_34533728.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 20 KB
20 KB 53ms
33ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/turistleri-titanikin-enkazina-tasirken-kaybolan-denizalti-icin-arama_34533728.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12bcad3deadc62829c01d1c4854713a237a74515c550c48b8cdab9e6e1bc9996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 3578
cf-polished: origSize=20949
esh: 233
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 20381
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "55076a4e59219f4f0c710e00f5aaca1868f3d1fd"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583118e0-FRA
expires: Thu, 20 Jun 2024 18:45:19 GMT

GET
H2 200 nevsehirde-saganak-sele-donustu_339fd565.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 16 KB
16 KB 49ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/nevsehirde-saganak-sele-donustu_339fd565.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb0e8e164f8f994c3be7045bd8eb86334380d96b47561956b046592d145d755a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6442
cf-polished: origSize=16492
esh: 233
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 16102
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "065ed8937b53b8095bcba47c4865acba7e8d5f69"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583018e0-FRA
expires: Thu, 20 Jun 2024 17:57:35 GMT

GET
H2 200 bm-dunya-genelinde-insani-yardima-muhtac-kisi-sayisi-360-milyona-yu_3347b468.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 28 KB
28 KB 54ms
33ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/bm-dunya-genelinde-insani-yardima-muhtac-kisi-sayisi-360-milyona-yu_3347b468.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 836b38cdbed3a29dc66669048e7c7f7588fbe2514f32b925a5f677e7c6722f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 7861
cf-polished: origSize=29755
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 28512
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6069a47cc75e1ecb275849106a641b907a4686e9"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583218e0-FRA
esh2: 233
expires: Thu, 20 Jun 2024 17:33:55 GMT

GET
H2 200 yok-baskani-erol-ozvar-universite-sinavinin-kaldirilmasi-gunde_32803162.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 20 KB
20 KB 78ms
58ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/yok-baskani-erol-ozvar-universite-sinavinin-kaldirilmasi-gunde_32803162.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d652237f8e2a4a8d6db749b8f9be7ebde3372967fb4454887ccf380460c369f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 11036
cf-polished: origSize=20892
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 20296
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "8eb047edeade831f38cba6de28c379e461ae6957"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7583818e0-FRA
esh2: 233
expires: Thu, 20 Jun 2024 16:41:01 GMT

GET
H2 200 hdpli-meral-danis-bestastan-asgari-ucret-aciklamasi-kabul-etmiyo_31395848.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 47ms
47ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/hdpli-meral-danis-bestastan-asgari-ucret-aciklamasi-kabul-etmiyo_31395848.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ae49560f98f2b978bc4a2f3edf6cf5b89a9e8a8d05e7e6c47f06275d1b4d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16282
cf-polished: origSize=26246
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25602
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9f52ef5169ac6c287a7dda03907ac23e89e7da0c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7683d18e0-FRA
esh2: 233
expires: Thu, 20 Jun 2024 15:13:35 GMT

GET
H2 200 yt-home.svg
s.ensonhaber.com/assets/img/ 31 KB
15 KB 38ms
33ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/yt-home.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884361
content-length: 15522
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Thu, 12 Jan 2023 12:28:36 GMT
server: cloudflare
etag: "7b20-63bffcf4-248980f56cff858b;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7481618e0-FRA
expires: Thu, 25 Apr 2024 06:58:56 GMT

GET
H2 200 wp-home.svg
s.ensonhaber.com/assets/img/ 41 KB
21 KB 34ms
29ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/wp-home.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4886589
content-length: 20870
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 20 Jan 2023 23:35:42 GMT
server: cloudflare
etag: "a586-63cb254e-3fab314fac59889a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7481818e0-FRA
expires: Thu, 25 Apr 2024 06:21:48 GMT

GET
H2 200 abdullah-gul-amcasinin-esinin-cenazesine-katildi_2febd314.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 40 KB
41 KB 34ms
33ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/abdullah-gul-amcasinin-esinin-cenazesine-katildi_2febd314.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e1caf58394f459b15a0754ea42341ff3c697adc5eb4c077f6d9af374654b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6443
cf-polished: origSize=43396
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 41464
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "15e9a607d940fe72fbf4281410dea4436ea8f824"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc798c618e0-FRA
expires: Thu, 20 Jun 2024 17:57:34 GMT

GET
H2 200 vladimir-putin-nukleer-gucu-gelistirmek-en-onemli-gorevimiz_3054e774.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 21 KB
21 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/vladimir-putin-nukleer-gucu-gelistirmek-en-onemli-gorevimiz_3054e774.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0cba1a894b8a9bebd1394cfa675116713f9045497993f05291cd6a0b501f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 7862
cf-polished: origSize=21642
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 21394
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0e7023d63693bebe4abc7a4afa91bc235a7cd7ea"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7a8ca18e0-FRA
esh2: 400
expires: Thu, 20 Jun 2024 17:33:55 GMT

GET
H2 200 yi-partide-kurultay-hazrl-sryor-meral-akener-yeni-yolu-a_2f9f3447.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 29 KB
29 KB 30ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/yi-partide-kurultay-hazrl-sryor-meral-akener-yeni-yolu-a_2f9f3447.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de4631fb6802442e80c56133c419f2ce1d5979d17c33b421d5dec1d23468571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8234
cf-polished: origSize=30509
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 29821
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "287ffe51107c1aa42aaf4481d71b671cc74bfb48"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7a8dc18e0-FRA
esh2: 400
expires: Thu, 20 Jun 2024 17:27:43 GMT

GET
H2 200 mersin-erdemlide-hortum-seralari-yikti_33147455.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 48 KB
48 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/mersin-erdemlide-hortum-seralari-yikti_33147455.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fcc05e8697e4fa1b9af99a987029133c782d8ad781d6251ea097cd2dfc5ee3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8654
cf-polished: origSize=51454
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 48793
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ba29274eb8aae2f6b94f70d24e113fa7730659f1"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7c8fd18e0-FRA
expires: Thu, 20 Jun 2024 17:20:42 GMT

GET
H2 200 yeni-haber-basligi_31821975.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 51 KB
51 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_31821975.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f7724ef64a25174ce00e12b55284e5fc652f58ef84a46bb6719d234fdb1e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9899
cf-polished: origSize=54179
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 51920
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "3f2217874725fd6455b86bf2c7f2a0616cad5fbf"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7c90f18e0-FRA
expires: Thu, 20 Jun 2024 16:59:58 GMT

GET
H2 200 real-madrid-toni-kroosun-sozlesmesini-yeniledi_31774201.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 33ms
33ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/real-madrid-toni-kroosun-sozlesmesini-yeniledi_31774201.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8b02e27648c8923b73cb3b9582718641e079897b7bfd4b32e74786e8565200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9907
cf-polished: origSize=22735
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22251
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "84b2f14f7507bd0f07758ce50e78d80b1ea82386"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7c91218e0-FRA
expires: Thu, 20 Jun 2024 16:59:50 GMT

GET
H2 200 suc-orgutu-lideri-firat-delibas-esenyurtta-yakalandi-1_2f464.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 30 KB
31 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/suc-orgutu-lideri-firat-delibas-esenyurtta-yakalandi-1_2f464.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345b7b8da6f10a856720fd05570e1caa0e745fded85e2e51d27bd7c2b6da2398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 18194
cf-polished: origSize=32197
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 31229
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "3aa20af89331ef2f2d7345c10bf95576bdaa7376"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7d91d18e0-FRA
esh2: 400
expires: Thu, 20 Jun 2024 14:41:43 GMT

GET
H2 200 besiktasin-muhtemel-rakiplerini-taniyalim_31412422.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 40 KB
40 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/besiktasin-muhtemel-rakiplerini-taniyalim_31412422.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dde986d501f11f0aece25ea490512c34f0fdff0104a4858b61eacda34c107d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 15808
cf-polished: origSize=43164
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 41209
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "502de12a0cbf0897ea83b678b0e3bf6ff4b01e80"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7d92518e0-FRA
expires: Thu, 20 Jun 2024 15:21:29 GMT

GET
H2 200 gonul-dagi-103-bolum-2-fragman-taner-gercegi-ogrendi-selma-o_29d7e925.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 30 KB
30 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/gonul-dagi-103-bolum-2-fragman-taner-gercegi-ogrendi-selma-o_29d7e925.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79574e015175b8ea2f0366b354be78ae5be45c89150d0a42b7bfa6c9963dd5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 34423
cf-polished: origSize=31235
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 30472
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f70a1dba26a0b490f5201110a65bac7d898c857f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7d93218e0-FRA
expires: Thu, 20 Jun 2024 10:11:14 GMT

GET
H2 200 yiyen-duz-duvara-tirmaniyor-karpuzun-beyaz-kisimlari-meger_19f28145.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/20/ 24 KB
25 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/20/yiyen-duz-duvara-tirmaniyor-karpuzun-beyaz-kisimlari-meger_19f28145.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f209e5346c214d363ba40bcb0d7dabfad704152bb606c4c9602e379bd42d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 103482
cf-polished: origSize=25646
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25006
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d41ee5ebfce495bc06f5046b0d10cc6037e932de"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7f94e18e0-FRA
esh2: 400
expires: Wed, 19 Jun 2024 15:00:15 GMT

GET
H2 200 beril-pozamdan-bikinili-poz_2d4e2736.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 30ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/beril-pozamdan-bikinili-poz_2d4e2736.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05c53bea43812b44e419f33dc164c279d0ee87cb23084d657202bca8017bec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 4115
cf-polished: origSize=23642
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22673
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "eac9a98864216602d53bc44f1c20a4213387bedd"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8096018e0-FRA
esh2: 186
expires: Thu, 20 Jun 2024 18:36:21 GMT

GET
H2 200 abd-polisinden-hapishanedeki-siyahi-tutukluya-siddet_2d984613.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 18 KB
19 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/abd-polisinden-hapishanedeki-siyahi-tutukluya-siddet_2d984613.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3a58738834d6debdc3f257a5775601741fe7ea062eb48c8eb02ee0ad601f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5714
cf-polished: origSize=19408
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 18934
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "42674cf91962f46cb2905becae1d7772a569ca5a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8096318e0-FRA
expires: Thu, 20 Jun 2024 18:09:43 GMT

GET
H2 200 yeni-haber-basligi_2933b861.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2933b861.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309abe44eb60bb130df184f61f443953cd3fcbc5b909dd005ec72b3b15021c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 2660
cf-polished: origSize=8986
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8822
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "b919313b838e4e6f1afe0b257d8fed2600360fa6"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8096418e0-FRA
expires: Thu, 20 Jun 2024 19:00:37 GMT

GET
H2 200 yeni-haber-basligi_2e008472.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2e008472.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f989066757a82b34734e6ba6823770f5f1b0f3da11595bf1cb846a91c602ec07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 20235
cf-polished: origSize=8998
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8829
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a14d8dbb87a78a5b70bf46e3c5538a0a9d7c5d91"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8096918e0-FRA
esh2: 160
expires: Thu, 20 Jun 2024 14:07:42 GMT

GET
H2 200 yeni-haber-basligi_319a9291.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_319a9291.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d250710905b1e58c752cfcb0b3a1f35623fd5b86764fbf9e8b0b0392f2ca32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9836
cf-polished: origSize=9031
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8838
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "920e8eb75b620c7553dd2be037b0f7e02905651a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8097618e0-FRA
expires: Thu, 20 Jun 2024 17:01:01 GMT

GET
H2 200 burcu-ozberk-italyaya-gitti_2b84b298.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 19 KB
19 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/burcu-ozberk-italyaya-gitti_2b84b298.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44390ffd4b53f31574a15edd86377376b061b7096ef0a5b1ff76da6dc4008ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6525
cf-polished: origSize=19996
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 19330
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "65729474569cfe366552608a9c55ea71387a687c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8299018e0-FRA
expires: Thu, 20 Jun 2024 17:56:12 GMT

GET
H2 200 diyarbakir-havalimani-otoparkinda-ambalaji-uzerinde-sifir-arac-stok_2d30e216.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 29ms
28ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/diyarbakir-havalimani-otoparkinda-ambalaji-uzerinde-sifir-arac-stok_2d30e216.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17cf0e01b410087dbe8dc19706c995f4d3b246e64e1db192138dd6fe826cc4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8749
cf-polished: origSize=26468
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25378
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a1e576b7200762ddcdd8b97604f54ef70786c22f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc839a218e0-FRA
esh2: 186
expires: Thu, 20 Jun 2024 17:19:08 GMT

GET
H2 200 gungorende-halati-kopan-asansor-dustu-1-olu_30318509.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 8 KB
8 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/gungorende-halati-kopan-asansor-dustu-1-olu_30318509.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb9ed81998ce0973c185875c0b30b8bb4279f57cb64287508b1a0ab058afae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 701
cf-polished: origSize=8038
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7899
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "246df634f0ed4645e8a77a3c2b96cbd6502ec53b"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc839a618e0-FRA
expires: Thu, 20 Jun 2024 19:33:16 GMT

GET
H2 200 gulusuyle-unlendi-hababam-sinifinin-bacaksizi-tuncay-akca-ba_301d2376.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
7 KB 29ms
28ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/gulusuyle-unlendi-hababam-sinifinin-bacaksizi-tuncay-akca-ba_301d2376.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a1a47d73652bcc5b2be7cd02ffb055ac5a14d3424d949d1f9232a09d2720db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 17085
cf-polished: origSize=6591
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 6567
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "edfdde3be4f1f063063202f544ce723ec7c63ad3"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc839ab18e0-FRA
esh2: 160
expires: Thu, 20 Jun 2024 15:00:12 GMT

GET
H2 200 istanbulda-uyusturucu-tacirlerine-operasyon184-gozalti_301b1755.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 7 KB
7 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/istanbulda-uyusturucu-tacirlerine-operasyon184-gozalti_301b1755.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642690da3a34058586de455c174c0ca0ac0cfe90621a06602a60fd94bd204218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1595
cf-polished: origSize=7219
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7095
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5c36962f693c2d746bf3d1ed3b8e5202eede660a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc839ac18e0-FRA
esh2: 160
expires: Thu, 20 Jun 2024 19:18:22 GMT

GET
H2 200 singapurda-intihar-girisimi-ozel-ekipler-tarafindan-onlendi_2f1d7423.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
6 KB 32ms
31ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/singapurda-intihar-girisimi-ozel-ekipler-tarafindan-onlendi_2f1d7423.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d3a97eb0de0a03be74334808c5faad0ddb368de9dce18363702d500326f1a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8250
cf-polished: origSize=5700
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 5656
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f8c3c2296c65397eee9eb9ab1bedf738ee2d5e2f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc849c218e0-FRA
esh2: 160
expires: Thu, 20 Jun 2024 17:27:27 GMT

GET
H2 200 yeni-haber-basligi_2f8a5367.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
6 KB 37ms
36ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2f8a5367.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aced13c5cde18af20f9f6d8691609ddd5c748c18e0437e5e887a960977f5c73d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 13865
cf-polished: origSize=6300
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 6274
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "968d785ecd6c4aeda964ab135494babf3561b521"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc859e518e0-FRA
esh2: 160
expires: Thu, 20 Jun 2024 15:53:52 GMT

GET
H2 200 yusufelinin-guresci-bogalari-yeni-arenada_2f9c5835.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 8 KB
8 KB 31ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yusufelinin-guresci-bogalari-yeni-arenada_2f9c5835.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a27147fbfef41f281db7f00102b2b4860422aae427740623a145892f477160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 14169
cf-polished: origSize=8706
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8422
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f9b5eba4f3acb7ebb421993b488735713a452b29"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc869fe18e0-FRA
expires: Thu, 20 Jun 2024 15:48:48 GMT

GET
H2 200 fenerbahcenin-konferans-ligindeki-rakiplerini-taniyalim_31207698.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 45 KB
45 KB 33ms
32ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/fenerbahcenin-konferans-ligindeki-rakiplerini-taniyalim_31207698.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31b08f5197d4bce6f97586010b2699dd3574d0b5dcb9735aa4b31ebf7a39b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16351
cf-polished: origSize=48177
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 46031
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d15ab880faa5fa043ea6411606ca792ce8124f0f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc86a0418e0-FRA
expires: Thu, 20 Jun 2024 15:12:26 GMT

GET
H2 200 isvec-disisleri-bakani-turkiyenin-butun-yukumlulerini-yerin_2fbf7390.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 24 KB
25 KB 35ms
34ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/isvec-disisleri-bakani-turkiyenin-butun-yukumlulerini-yerin_2fbf7390.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a3e77e6c3daacec81193aa4a6c42c941b2db63f14ef430cb3f4fad6ef9a44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16282
cf-polished: origSize=25211
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 24943
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2c04bf3351ccac8f8787b82bf693fff89561a528"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc86a0518e0-FRA
esh2: 400
expires: Thu, 20 Jun 2024 15:13:35 GMT

GET
H2 200 hatayda-53-saat-sonra-enkazdan-cikan-genc-kurtaricilari-ile-bulustu_2c953824.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
23 KB 30ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/hatayda-53-saat-sonra-enkazdan-cikan-genc-kurtaricilari-ile-bulustu_2c953824.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ce235596c3042bd01d1609085f467f2d3630b54912434289bdf50c329d8c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 11946
cf-polished: origSize=23776
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22906
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "91fb119de95432c573b2dd8c04e3b434b7acfa24"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc86a0618e0-FRA
esh2: 186
expires: Thu, 20 Jun 2024 16:25:51 GMT

GET
H2 200 kayseride-alkol-alinan-masada-oynatilan-kiz-cocugu-henuz-bulunamadi_2bfe3220.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 28ms
28ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/kayseride-alkol-alinan-masada-oynatilan-kiz-cocugu-henuz-bulunamadi_2bfe3220.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c19206c024726a36da0e04d60a41053c3151874c32953bb90c46e79a0908685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 12782
cf-polished: origSize=26838
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25619
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ca857d24178fd6f1f9ae1fb451c4caef91ef5a40"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc87a1d18e0-FRA
expires: Thu, 20 Jun 2024 16:11:55 GMT

GET
H2 200 tuncelinin-kelebekleri_4357.jpg
icdn.ensonhaber.com/crop/340x191-85/resimler/galeri/kok/2023/06/19/ 12 KB
13 KB 33ms
32ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/340x191-85/resimler/galeri/kok/2023/06/19/tuncelinin-kelebekleri_4357.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13cab061ea47f0fe6c3fd6b37e6728beb40dc447c3086aef9ba1132eb0df6490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 202578
cf-polished: origSize=12827
esh: 340
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 12671
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "bcf11022c4e4e21f93a1bcc6bfc0d174a64d98bb"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc89a4a18e0-FRA
expires: Tue, 18 Jun 2024 11:28:39 GMT

GET
H2 200 boluda-esinin-agabeyi-ve-yegeni-tarafindan-acimasizca-dovuldu_2ba87250.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/boluda-esinin-agabeyi-ve-yegeni-tarafindan-acimasizca-dovuldu_2ba87250.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db14f5793d357dcf51166ba19a5b233cc9d9bbcc059f160e2f0069b23441dca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 13193
cf-polished: origSize=26304
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25138
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "361bfca0e8b1b0de95dc7195462d9dd28a7024a5"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc89a5c18e0-FRA
esh2: 186
expires: Thu, 20 Jun 2024 16:05:03 GMT

GET
H2 200 izmirde-4-turkmenin-katili-tutuklandi_2b80d606.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 31ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/izmirde-4-turkmenin-katili-tutuklandi_2b80d606.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44bd343862046968424f4d9db05d46c1e851bfca9c5005906894c157fde2473f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 17014
cf-polished: origSize=23137
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22032
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f74f2e40f7c40513c369cdaa169df6267a42cd3e"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc89a5e18e0-FRA
expires: Thu, 20 Jun 2024 15:01:23 GMT

GET
H2 200 dele-alli-sacini-boyadi_34609450.jpg
icdn.ensonhaber.com/crop/700x400-85/resimler/diger/kok/2023/06/21/ 74 KB
74 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/700x400-85/resimler/diger/kok/2023/06/21/dele-alli-sacini-boyadi_34609450.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586e363f37521dcbfcd7ba32cc2305081db89c33d632f9db1cb95a6eaf092031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 3365
cf-polished: origSize=78099
esh: 700
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 75456
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f109357a7dc94430407cd226966fba821ffcaca6"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8aa6418e0-FRA
expires: Thu, 20 Jun 2024 18:48:52 GMT

GET
H2 200 filenin-efeleri-avrupa-altin-ligi-dortlu-finali-hazirliklarini-tama_33ec1419.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 13 KB
13 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/filenin-efeleri-avrupa-altin-ligi-dortlu-finali-hazirliklarini-tama_33ec1419.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c22b1c52421d79788e5590f0b33e9847080e119b367d23f7a3ab8fc793d986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5206
cf-polished: origSize=13127
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 12864
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9fd62aaa8588680799c47d48307cb4978564ec0c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8aa6518e0-FRA
esh2: 229
expires: Thu, 20 Jun 2024 18:18:11 GMT

GET
H2 200 danielle-cuttino-galatasaraya-transfer-oldu_31698978.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 7 KB
8 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/danielle-cuttino-galatasaraya-transfer-oldu_31698978.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c54025d4765832f03ef10c8468ca1d849ee429b51b4f264890e54ce27f66a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 12711
cf-polished: origSize=7620
esh: 229
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7479
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "58011849923fed1e7211e2f7c13ba9b65abb6812"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8aa6d18e0-FRA
expires: Thu, 20 Jun 2024 16:13:06 GMT

GET
H2 200 sertac-sanli-sonuna-kadar-hak-ettik_31051940.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 14 KB
14 KB 36ms
35ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/sertac-sanli-sonuna-kadar-hak-ettik_31051940.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276e17bfb22e4bda39154fcf2fe17921a530e3b7c5697d92c09348e1ba60d042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 17074
cf-polished: origSize=14628
esh: 229
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 14312
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9a526c50b3e6c4cf763f955e568298134418df06"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8caa418e0-FRA
expires: Thu, 20 Jun 2024 15:00:23 GMT

GET
H2 200 dursun-ozbekten-transfer-aciklamasi_2f8f8176.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 10 KB
10 KB 32ms
31ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/dursun-ozbekten-transfer-aciklamasi_2f8f8176.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c2718b5a8f0a342627ce1e4da4ee9ab45fcc24cff760530da5a33d2db6cdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 23083
cf-polished: origSize=10306
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 10278
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d065e2d5c29425e8f79e4c56c71d71e97319ad64"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc8caa718e0-FRA
esh2: 229
expires: Thu, 20 Jun 2024 13:20:14 GMT

GET
H2 200 youtube-white.svg
s.ensonhaber.com/assets/img/svg/ 4 KB
2 KB 38ms
38ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/youtube-white.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4886554
content-length: 1754
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "f42-639c9a84-de402b8448af89b4;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7887e18e0-FRA
expires: Thu, 25 Apr 2024 06:22:23 GMT

GET
H2 200 youtube-player.svg
s.ensonhaber.com/assets/img/svg/ 1 KB
691 B 39ms
38ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/youtube-player.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884407
content-length: 567
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "431-639c9a84-a968250828655b7a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7887f18e0-FRA
expires: Thu, 25 Apr 2024 06:58:10 GMT

GET
H2 200 logo.svg
s.ensonhaber.com/assets/img/nav/ 2 KB
1 KB 35ms
33ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/logo.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884407
content-length: 1038
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "801-639c9a83-2deb684a3979a6f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7888d18e0-FRA
expires: Thu, 25 Apr 2024 06:58:10 GMT

GET
H2 200 telegram.svg
s.ensonhaber.com/assets/img/social/svg/ 393 B
392 B 39ms
37ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/telegram.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 277
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "189-639c9a84-96400f8900acc41e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7888e18e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 whatsapp.svg
s.ensonhaber.com/assets/img/social/svg/ 3 KB
1 KB 38ms
36ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/whatsapp.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949358
content-length: 1108
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "acf-639c9a84-20f1ab362ceade15;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7889118e0-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 youtube.svg
s.ensonhaber.com/assets/img/social/svg/ 953 B
548 B 35ms
34ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/youtube.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 423
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "3b9-639c9a84-92da1d82d3fbff6f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7989518e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 twitter.svg
s.ensonhaber.com/assets/img/social/svg/ 856 B
577 B 37ms
35ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/twitter.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0a8c318709b662988173b2343311cff1342159884ea66bb2f6a98287ca916f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 482
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "358-639c9a84-8f449a611e7de763;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7989718e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 instagram.svg
s.ensonhaber.com/assets/img/social/svg/ 2 KB
831 B 39ms
38ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/instagram.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884407
content-length: 737
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "853-639c9a84-13d92e1e1566001a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7989a18e0-FRA
expires: Thu, 25 Apr 2024 06:58:10 GMT

GET
H2 200 facebook.svg
s.ensonhaber.com/assets/img/social/svg/ 656 B
488 B 36ms
34ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/facebook.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 393
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "290-639c9a84-a482b1a13127354d;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7989c18e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 borsaticker Show response
www.ensonhaber.com/dynamic/ 8 KB
2 KB 20ms
20ms Fetch
text/html 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/dynamic/borsaticker
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN / PHP/8.0.25
Resource Hash: eda8f2817f63788e1b2bdbd7515cc6a1ab84f81bcca67055bd9f515282db0e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 30
x-midtier: de-fra-dp-s02
x-cache-status: HIT
x-litespeed-cache: hit
x-powered-by: PHP/8.0.25
content-type: text/html; charset=UTF-8
allow: GET, HEAD, POST
etag: W/"4974176-1687376267;;;"
x-edge: de-fra-dp-s01
cache-control: max-age=300
caching-type: litespeed

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d079bf21e72c5449d5aa75a4916c4556a0fd2b02cadd2a93aa1d1529957722

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b6c2ef65f2486f7be1c3b49a50e88ed2602d29d1f9ecb03ddd4e198c8e5910

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 istanbul.json Show response
api-stg.ensonhaber.com/data/havadurumu/ 3 KB
835 B 47ms
29ms Fetch
application/json 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-stg.ensonhaber.com/data/havadurumu/istanbul.json
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.25
Resource Hash: b1bc671699d3846825ef343ce07104f81335c549a5278d232bbfaa5eac8beaf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
cache-file: data___istanbul_saatlik_2023-06-21.json
cf-cache-status: HIT
age: 521
x-powered-by: PHP/8.0.25
x-litespeed-cache: hit
content-length: 501
server: cloudflare
etag: "762894-1687375671;gz"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-server: api-srv-1
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: x-requested-with, origin, x-requested-with, content-type
cache3: out-of-memory
cf-ray: 7daebfc7fe23366f-FRA

GET
H2 200 loading-red.svg
www.ensonhaber.com/assets/img/svg/ 1012 B
583 B 21ms
20ms Image
image/svg+xml 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 40292
etag: W/"3f4-639c9a84-c475a4ec4487325e;;;"
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 loading-red.svg
s.ensonhaber.com/assets/img/svg/ 1012 B
522 B 29ms
28ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 284
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "3f4-639c9a84-c475a4ec4487325e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc7d92f18e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
98 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d51f301915e6aec64491e8db5c39fca3fd7d4fffc6167b9a4794b129d3d0d4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 19:44:57 GMT

GET
H2 200 down-red.svg
s.ensonhaber.com/assets/img/svg/ 735 B
686 B 30ms
28ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/down-red.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4884411
content-length: 487
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "2df-63ac5c36-bff6e9315efa01c9;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc859dd18e0-FRA
expires: Thu, 25 Apr 2024 06:58:06 GMT

GET
H2 200 up-green.svg
s.ensonhaber.com/assets/img/svg/ 764 B
598 B 34ms
33ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/up-green.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 504
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "2fc-63ac5c36-8edaee021ef5d882;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc859df18e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 bitexen.svg
s.ensonhaber.com/assets/img/svg/ 9 KB
7 KB 33ms
32ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/bitexen.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 7235
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "2559-639c9a84-eb01bfa43127277e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc859e018e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 crypto-currency-white.svg
s.ensonhaber.com/assets/img/svg/ 777 B
597 B 32ms
31ms Image
image/svg+xml 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/crypto-currency-white.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949359
content-length: 473
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "309-63ac5c36-e35f449c24d92fc1;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfc859e218e0-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 1.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 783 B
748 B 21ms
20ms Image
image/svg+xml 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/1.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 05ec57e3bf50c723dd83849e24de2ddd91ee49fb7c72c3a80e4061eb723cacde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 47918
etag: W/"30f-639c9a84-6f86531e74315052;;;"
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 33.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 813 B
723 B 21ms
20ms Image
image/svg+xml 185.102.219.173
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/33.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.102.219.173 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-102-219-173.datapacket.com
Software: MerlinCDN /
Resource Hash: 44e47e47c96c54501f577da9294014414a2f716ee0f6fa63a44f981be79337d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 30412
etag: W/"32d-639c9a84-79b8375c1d41a623;;;"
x-midtier: de-fra-lea-s01
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3399
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 18:48:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
576 B 100ms
56ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88b1258dac80af1416de261b7b1ed0c629ba684d62b2217d6429c3c609c007d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 75ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je36e2&_p=769188532&cid=1493845771.1687376698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687376697&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/ 3 KB
2 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/?random=1687376697738&cv=11&fst=1687376697738&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&auid=1047006101.1687376698&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

021cf1245ee9b2c32d5ca63156ffcadf9c17762dd3b4766974d2367af22451fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 92ms
42ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 94ms
34ms Script
application/javascript 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 85686
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7daebfc9e8ed5b74-FRA
expires: Thu, 22 Jun 2023 19:44:57 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 205 KB
53 KB 1255ms
1254ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2447352499&didk=3991379447&sfv=1-0-40&ists=1&fas=8&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697837&lmt=1687376697&dlt=1687376697222&idt=561&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ac6a88eb9da832c00ffd5bc8b154fc685f0c921e31d3e8e85e02f7d3aa6b6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54034
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 596ms
596ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90&ifi=2&adks=2619639180&didk=2861604050&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697844&lmt=1687376697&dlt=1687376697222&idt=561&adxs=315&adys=155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=1600x280&msz=970x-1&fws=4&ohw=1600&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f64ec863dc1e51e44914578c1f351abb0f1440b49d784bd2c7de9ba02cc52a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11617
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
42 KB 299ms
298ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90&fluid=height&ifi=3&adks=905423781&didk=4180154659&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697849&lmt=1687376697&dlt=1687376697222&idt=561&adxs=315&adys=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=970x280&msz=970x-1&fws=4&ohw=1600&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2ab3f79878bca67227a271db892287309b1725e347f8e8e2b48674e8ba2ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42773
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 834 B
429 B 923ms
922ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cstickybottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&adks=396462409&didk=2469753850&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697851&lmt=1687376697&dlt=1687376697222&idt=561&adxs=436&adys=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0be148114a45b6d493239cf3635ff69c520807377ff47736352e8bfc189de41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
14 KB 1533ms
1533ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cpageskin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=5&adks=1502987301&didk=133821678&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697853&lmt=1687376697&dlt=1687376697222&idt=561&adxs=33&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=300x-1&msz=160x-1&fws=516&ohw=300&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4e11447f7fce2c1b2b3b2c9dbba2e5e5e7e8583cd266c63dab718aed32963a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 749ms
749ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=748411841322753&correlator=3543143954597157&eid=31075029%2C31068366&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cpageskin_genel-sag&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=6&adks=2966292975&didk=403647575&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376697855&lmt=1687376697&dlt=1687376697222&idt=561&adxs=1407&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=300x-1&msz=160x-1&fws=516&ohw=300&ga_vid=1493845771.1687376698&ga_sid=1687376698&ga_hid=769188532&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95b028ab59d81f89133d24c26d059e5dae88bc484b8b8ab15eb45f58b1622344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11219
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B4B 6 KB
3 KB 121ms
29ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 37 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b364aa5ec35c70520296a6172a1d7963535eeb7f6b246f41cf66af5d315f1215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9626
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13147
x-xss-protection: 0
server: cafe
etag: 3115308656160103658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 17:04:31 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1065653642/ 42 B
455 B 83ms
32ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065653642/?random=1687376697738&cv=11&fst=1687374000000&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1868143728&rmt_tld=0&ipr=y

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1065653642/ 42 B
455 B 81ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065653642/?random=1687376697738&cv=11&fst=1687374000000&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1868143728&rmt_tld=1&ipr=y

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 105ms
104ms Stylesheet
text/css 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-6evG9ZJuqSdKKMyih42FEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-6evG9ZJuqSdKKMyih42FEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 163ms
70ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2ef27cc26271047a232ed266899a6039c297742dca96a54af30a9f366638622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11248
x-xss-protection: 0

GET
H2 200 ahmet-nur-cebiden-tff-baskani-mehmet-buyukeksiye-tepki_3527d629.jpg
icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ 93 KB
93 KB 29ms
29ms Image
image/jpeg 2606:4700:10::6816:3f4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ahmet-nur-cebiden-tff-baskani-mehmet-buyukeksiye-tepki_3527d629.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fde7e8b896df8fe336a78b6e5f02646f8fd2e4c222ead991e575aa6c40adc8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 174
cf-polished: origSize=100516
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 94887
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "c07d924b47352adea009239a77cc36959627cd51"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebfcafdef18e0-FRA
esh2: 788
expires: Thu, 20 Jun 2024 19:42:04 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 77ms
21ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:18:18 GMT
via: 1.1 google
age: 1600
x-guploader-uploadid: ADPycdvLHovSFAdIU69Lowubtwnb5clUl6MwwDNqd_RzE9QihTl0owkM4Sn_1fJbHllzbZtV9GuvSvfpBvwZ1FcRoGKWYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Wed, 21 Jun 2023 20:18:18 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 116ms
41ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:44:58 GMT

GET
H2 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1394 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 158ms
81ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 1394 34 KB
13 KB 73ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13554
x-xss-protection: 0
server: cafe
etag: 10619647361806024282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:21:09 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1394 24 KB
7 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:25:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 541162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 13:25:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1394 178 KB
56 KB 151ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 1394 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 1394 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 1394 19 KB
8 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1394 0
0 30ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeQzk9oCX9USFlSzYrrMLfWP3b8zzhWsLBnFuIPWGCz6QirePfruVsm-0j99k_Xf9gtzhBRJUYCFMokMsL8oGRGj4WZg
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 83ms
36ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ensonhaber.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.ensonhaber.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 21 Jun 2023 19:44:58 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: c47a7fa2abd6bc0b655844e17be9e4df

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 43ms
42ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 22aaf5db7b81ee519eda98142c7b0e1925610e8e1741ee1612a53050f5189ad4

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: ec6dfd6b281a30594acf31afdc2f448e
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

POST
H2 204 events
bidder.criteo.com/csm/ 0
79 B 129ms
34ms Ping
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Jun 2023 19:44:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5AE3 15 KB
6 KB 103ms
35ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
server: Kestrel
server-processing-duration-in-ticks: 275808
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 HRSwjVb332L3i-gdSgRYmLzE4rQJtcc11zdvM1b-bFe8u4A0dHpPtFs5SKgJlToIsl9TaYuwCiFqn5sMdN4NYcwPkPQ0nuRw=w1200-h628-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame 1394 264 KB
265 KB 72ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/HRSwjVb332L3i-gdSgRYmLzE4rQJtcc11zdvM1b-bFe8u4A0dHpPtFs5SKgJlToIsl9TaYuwCiFqn5sMdN4NYcwPkPQ0nuRw=w1200-h628-rj-pd-pc0x00e9e9e9

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7845a96e37c4be1ee2b39029b0c7ba443c68a74befff0e1cae63f5bb0b26c30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:29:23 GMT
x-content-type-options: nosniff
server: fife
age: 935
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270612
x-xss-protection: 0
expires: Thu, 22 Jun 2023 19:29:23 GMT

GET
H2 200 1861294809109631555
s0.2mdn.net/simgad/ Frame 1394 10 KB
10 KB 85ms
21ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1861294809109631555

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:14:55 GMT
x-content-type-options: nosniff
age: 408603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10020
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 12:43:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 02:14:55 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1394 42 B
118 B 46ms
44ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsrSlLmqYm0iIBIUnjdBczjaxvEJiFXPmegqZRIzz12mGjuCmy9IrwEro57UmDEF9JBaO8HgTgYlLssZ75m64XpyxK-Uz_CCTtPwkNA87eA_7rgzSMD50pjGhcrJHi-NjYRKfy5EAVyO-ra45CkZLAGLMgBw&dbm_d=AKAmf-AjdDpeP1T9QuA8o0em2tH4UPr25OeXXo_uLC6WqmJ-9idoNA9J2CajiRAEPAwYbQZzBjCbyyeNMOMrHuVaL4drT1o2mw-CesNIxlHe-y_AVVPLWhHoEQPEiJIiASX38sD1xyAfSYMv5Ij42GIPBrXeQ_TRc1GF8FbVaddCgQREGJsn5J61nQBdr6NEAozSUzF-PeGl0sr9dePuMsCqYCMLj4LaC-Ibl1-m8STXjVFNFoT1Wd0yciuyAsp8MO_i1tjh7a2UtWnwnCp9r4yFw4BsvWyOLR6MI6uyQdIZRG4HAIRyTEPt4poAEdJy87j2p3AaMihvbtokufUVTqLxVT4Db1MAEg6CBHKFC3nb5Yy3hVO9YVagNcbqf06j65giaeZ587h5PuALXHCSgi0oH9wkhr6A4lNgcrkgrBS_NAOIOnTNGY9aDVnhlWE112P1_FvVcobIAoJUKqrZFBDfGcL8n9WigWlWKs3dlWn5lE7_sHJWVYdGbsd8CkAbWxQ6h9OSlGf-0PXkmyTr1x43Ofh7y7Gw85BWJ6-9_y-LpXttSwD2bAg62xwTxKZBjbfS73i-UvQ2WERRr14BYN18AaP655XuF4sPMbcczncbg5Qpkpzdgre2VUPoou0pxKvCZbmbAdYphDdjeaMoaobn6Kg958J1o3UCXl6pUpM6IfVQ147ain-298hNIyvHQojpDe4jgD-hGs2_tdbL7GWWiP40P2Glo2cx0c7WCshjgcAd22VBoOy-MIH860J7-kIRfDWgS8-3zbyhOm9LKS5sV2MNcs1qW8xMKNGMT89cD0hVnRBzac_2uXXDTijvtYFHmsYwdg1jgSxLt4qA75mNO8dnCjFeYoe_HDta5jgbOBQHUsNuGdgwf6xhKssb0rfme8g3UHxlo99DX6oLM3cc9whgKIyMRwKvR14XaOA80CJcJJzWu-06K8zZsrNhpbpr6jGDVHBOCg5eoZrpExMdRYzI6LC_Bexrshkx1OLaW_b1wuoVoToXKsChYt_r1J04d83vFA58JgUWHS7yHxs-g3v3x720q4-8r2lTyRaAXq6LwSBOWe6-ghu5jjvREB2irPIccVYVpWg2MtmErMOElGzCCOoTh9aLok5rMYbQx_R7v_C0TgabpjXYPfPo4IrauL2n4COPlWUzCxoESxZJj1BFjwijmmAj0WJvdveEW7WbdrXY3PBAxwlZqYwSFWmA6xOdvPfUn_H8ohcv9LlKQdON3UjjdN2RbkEN9WFsRf4miJ6iZOoiHXtGz-c2GnZu-caY0gZ-jQPKdaKVvDCEEqbZD5W-jxQ61kRRGoDCqh7NWnSr9fALvfWRzHE30p9STXNc1z_zAc_mNKjkTodWNnB1DaYCV81N8hD2NFPd2-9HUcM-PV1eYS9EG-08v7a52GjDchf4fHedR48ssvZ3PLchVXgpjAJQ1lalGYC1kY46dGeBoXl8OxLAmixmuO8uCyxb0F03_vrUBdUhQR1opPx9jucYLjRVCFDHQ6DsjR0AZzQyQCzvXXEgLCyqirVKvzUAISHUMVdIUwV9-8mFM_rC8ynbz_G4HSsGKBkLYojzvM9DjLeb9MR8UjKzEc-KI-Ge9glgfQwp9IQJTLi4WKJ2xPFqvLXgd5riS2-0U0VKNARy1PDo_IwpVi6igOKEPe_6WPreMsbuxPJMZGDWZLZJSt_bf0uQ_975dHtQNac2covELpgICy-GiCGPekq9B0WdlBpJoenBskZf5Nt8MVtSDU80bMbDitgWX6IphiwtzPmUZov2WnmgKKJlA66mktc2Ehq2XuZg114HLpgcSrOZo-84UGdmcG43GAOtVoSxGiX6_cfo9m7WQUlH7m4dfBGwOZCc7zmkTW8aUkBaOQV0i2aBs1tV-vwi0024QC7t19yRSfX5BFOhIcUdujW1w5N4p3O8czKtPFUiGJM1EXPhuqcbhdMMEeTDhY7nQ2AchbdbecFPBQ_2QIcpv72xa87rlBc7vfq5OjerWvPkxOKH6_TsWI-lnYRgJYuw_VvTb_OqQyMEdPvE8X9AOovkE7vv-m-b3wXyoOFKb9SWT8_42gNTHXsEzBbSp0hTvXynoNFJwNzkPpTEFxjJVWVjiOx71KTJkrRF5pzXBzfzmkOn2pjAyOSaMzSwdZTYbzm_1zsvNGZrhdmJ4BpFX0VRzq6-AKm5p3Rt1b27kKESy1uljSgihexQRVvpnA1bjVFawxGB-LxNK2_NqEcCN8Azy7Uv3obe7KtQXHsM7XmXCqLpnnVGs9vCg88M_YG0g_sXkOSNfjCGZWbTCebDYAukn33izy1is8Lmcb-b9Mur0XWcU-bb76DB1akkq7jRUTJNy7WFQ7m7qeK9HfDY3gfSGIUOa4BWiW0LtZnO5wP9wUq-cb311WHObKxU6an_N0eBFjsFD-hZS80eBDW7bIPHA3Un2WABnd78YTq0Wf8tnQYmkrvtM2gnb46UrScT50N-iG6jq15RbkkQTP_CLWhyVNDX68ggWfTOPC8bWc9BWhfW0BgWfVq0plsD9Q0XsT-2OfX9K7EEXgJOHdbcA8lJO9n8XfjsDrEUtsI3yf1FgTuH3HmRpTTgg892U9rn0bD8E6-CwM_Itn5Rx8WFSgBEtti_uRtn1o34Uun90W1Dn0pmZq4cNzMTiM5ox0iufxx-PNQ1V_Kz9BMpdHF_56DwkDdJF0OBFMThXqDB0pQ9G0muFAVYuoFLhzWBDUC6Z8Xi00M6Zt3dJxThRdUCKHaFpfbfxdNJIU0uGYESmkqctUFlr9590WSoNQTNK5YPhOFJQHIKqtKpKq8oWaUbq9yIdWwFZz9JgHtd2KKHS7kH6ehu10wEO-ovPDy3Bet6vB2Dzwc2_yxErUPD2CXCzfQxev7l6UZCn89Mo-GVMDt8AeiH4iCBuGDIZvUfGzArUKu9RFyj1_V23tXn8GHVTKnYQixzMakRGQGA9sq6iDTIzJou67GxSFNmyvpXS8SIcX9ytPpDfGHMKTOe1Bca2T5fwa13z2hCUsh6WvXhILY-Zahm8z-H0dHZZPTnmThfa0WuvcfEXioOBxFFMHLQKpUJVBk-oA6GkE_KwHxBY79uk7dqd1KIqOLpE7armPLDIyMONbPVFohWqi-JSuX0fg9HYpYh0Z6Eh_pw6uTGaGBYB7aI1e8aZsLe3TOs_M7Y6pXex-3ckedI85X0IPxUo4CrbnQgeWDcjkFFD2FtSN3m4vXyRSOnYHN0jK1S7Jsk54nqHbwr9urCW7KKlgLQFCOZ7ZaF1viCr4HssONHmwaK2ONtCWrcrmtlK6Ouv4OM4_EbKF7fsDOgwlRWCnv2lx1cbmxezCFrMuv4qF16mOwWn8gNGsF2qG-UGZqkzXlJL9wfjBiAtFisgllm4E-NCnzVQoUORO4L4sCMpFp6bnagF8TKi5tMG6H29eZLfwvKYF_Azkcq6KyzrxQWHy36G9C-ltsKfvqAgmhsRkUh993WM2tQsSROB5EcuoBYRsl1nWby81jOa-QXpxDvzsWsXfz-KF68Pt-2qMAe6GJCcH_SPOZn_JqiNvzM-NZ8go09kecxXan5-spaKHisy1QFE4PMtrmfgyIFMQl_ypCuB8DwV-RZ1DxcUBZ2zH9TH03VyFSvPefH08yiKmv1knmBHXphF1wzz5iW5byRueNKeCalxYlM6XxPnQnVZ-3XaVcPXoK30Ltdt06rxyRCcY0YVZiB1V5hBpof1bRIsSBakjCNTaarI3JCWD7mHJ7uimCO9kigceWzLFQfBlMNhcFiv5A2s2f-1Y4S&cid=CAQSPABygQiDvlcc2E5t3c-G3gbKnBaMXvhj0H7MeLoV5I8Zb9kR-i336fUHByV3qxflwaUKFNdTN5rLM2IhPBgB&dc_exteid=31126606106271750660273337707392187&dc_pubid=4

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1394 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg4xeOVOTZKeHN8HjnsEP5b2fsAr_0Ojlb6zX6_ycEfAuEAEg1obbJWCVgoCAlAegAdOp3fkCyAEGqQLNnsVdpVOyPqgDAaoEjAJP0DY64AAX9ZB-5qAyWg5dbHQZdieZL1laUyAB52ZliZnVMjRYjcAu1O6dGL9HlK29Ft8gjXm6oy2u3EMMhf78VzN_DRYjckunozhIfUwLDBukmDJGNiiy57-lGt4eLQiDo8rnsC1uJHrScam4rWD3UZCie2yu-x56iqm6aMTD5G4jEaeDnBWe5CX22u4i5AIS_bCtXNK2XJCDFpMZ-X79Es_IGQrvARUCrowxaew6pENZ60eunINhIby-zwh2Bskv7Q_YLkvDc9xJ0c_dIQ_xguVjn7_remaYY6fIHtaGBpDZ2brQ4JFz8z8ZNRedWkcXrOYpZhwTNW6pc8OSYcDnxg1HgQXNBPDf2O7swATcnJj-qwTgBAOIBfjqm5VKkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAeV1qKGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEJKlHRjw_-blAdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwGwE8O84xPIE5vtjuID0BMA2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTMyNDAzOTYzODYzNDE5NzAYvpcO&sigh=rSM6xYOBfRU&uach_m=[UACH]&cid=CAQSPABygQiDvlcc2E5t3c-G3gbKnBaMXvhj0H7MeLoV5I8Zb9kR-i336fUHByV3qxflwaUKFNdTN5rLM2IhPBgB&template_id=509&vt=10
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E28B 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 12:58:07 GMT
expires: Thu, 20 Jun 2024 12:58:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0AAD 783 B
955 B 34ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e0350d0e48e854e67a6700821dbe51032a213ab2c2278276fb8185a690486c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hKXzU-nD5YwcQVJqymKmzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hKXzU-nD5YwcQVJqymKmzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:58 GMT
expires: Wed, 21 Jun 2023 19:44:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5AE3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Lra7RnxsS1pFdW5GczRQQWluQ0NYZU1uc2lVOGMrYkU0NmRRWFprUUF1UjAwS1Z6ZmJtSDlqM3lvL2JNVmFHOGp2ZVRvR3FqL1cyRGpLRkZnSk04alpRb1BSZ1JYYWN0S09VUDROZEk4TVJ2V2lRaEFHUTR3bnBuZFRPMU...

460 B
663 B

140ms
56ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Lra7RnxsS1pFdW5GczRQQWluQ0NYZU1uc2lVOGMrYkU0NmRRWFprUUF1UjAwS1Z6ZmJtSDlqM3lvL2JNVmFHOGp2ZVRvR3FqL1cyRGpLRkZnSk04alpRb1BSZ1JYYWN0S09VUDROZEk4TVJ2V2lRaEFHUTR3bnBuZFRPMUo1RDZtMU9GY2ZONFRKbUlEbGp0QnRGd2FhTEJyUTBUK3k3aE1QUlhib0d0VnVsamdjM09PYmh2MGRqT2FSUUtVOU5Xd1VPblBtWGFYaWhzb2tzWERtcE1FWVVhR25lZHA3eVlHb09ZMUtmcHQrNVZXTmdoU2IvRktUNlpONERyQTVydzNLZHhCaVVvQ3BqV1lrLzNmWitLZ1pEUGpvTVpyQlp4ZnRXNHdSSk1teXdSR2t2UT18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c89adc1d9f55ed6c6b5e08197fc7f57945efab6a1cf85e90af12db188ef55a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 19058849
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Lra7RnxsS1pFdW5GczRQQWluQ0NYZU1uc2lVOGMrYkU0NmRRWFprUUF1UjAwS1Z6ZmJtSDlqM3lvL2JNVmFHOGp2ZVRvR3FqL1cyRGpLRkZnSk04alpRb1BSZ1JYYWN0S09VUDROZEk4TVJ2V2lRaEFHUTR3bnBuZFRPMUo1RDZtMU9GY2ZONFRKbUlEbGp0QnRGd2FhTEJyUTBUK3k3aE1QUlhib0d0VnVsamdjM09PYmh2MGRqT2FSUUtVOU5Xd1VPblBtWGFYaWhzb2tzWERtcE1FWVVhR25lZHA3eVlHb09ZMUtmcHQrNVZXTmdoU2IvRktUNlpONERyQTVydzNLZHhCaVVvQ3BqV1lrLzNmWitLZ1pEUGpvTVpyQlp4ZnRXNHdSSk1teXdSR2t2UT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 307182
content-length: 0
expires: 0

GET
H3 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C687 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4AF 143 B
166 B 21ms
19ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1706
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BFB9 1 KB
643 B 66ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0AAD 0
0 97ms
56ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306140101&jk=748411841322753&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1394 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27cb188f5924e222d5e8dfcfaed9898342e2ed84db24b8c7fe63878c0bb6f7af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame E28B 38 KB
14 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 20:36:26 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1098 624 B
242 B 61ms
60ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNWl2F0O6BytnrBlWK9L0lGTIzs8ifHtmtPZ9RRrhUvivu7iz9ioo_Sh5r-cfmBSYi9zKiSoHhm3xoiMwZ2J9fvRCgOBeX7ap3vJNeMP3tpqxaRCR0jsvdxV4GhMNCbkgk5bJAWiIQybmEqj5OF6QrnSkusjaySav2INHWYd8n2dfRC8kNIBkNM9uY305YfP7aI5-vTh

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C687 78 KB
27 KB 91ms
82ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C687 42 B
63 B 64ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2O_sGnMryvrkhvwnKLrZMoxMz7orTWpc8N0wnNdS9P_Shb2-aaEzYFe6AMdAVm7BWMtKmdGJOdvIeLYOXlu2SgUc47WDBjaGYon29xMr4RzW9Gvg

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C687 0
20 B 65ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14066248377912649144&x=1&ct=76

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C687 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C687 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C687 0
0 29ms
28ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKZadU9pkg9lRX7cVoS25EfIW0NdveIL9myL93u_7lmw3mF86m6IfNXC-IgQf-wFUz-I5rSyvpK4p6oWfj02MuPjj2Yg
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C687 178 KB
56 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D4AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:58 GMT
expires: Wed, 21 Jun 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BFB9 0
173 B 84ms
30ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF6JxPAYQfXBKyZQZ-nldAA&google_cver=1&google_push=ATf1kGNWLHsZEsAMIz4cGaeqoqNRJ4UQMMy-88U-EDd9yMKthEvoNqGLBvblctVJUYEzzks74DegSB4CmhBnzv2RWhNLM2443bLi
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFB9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBc1DfHLCHX98AbBmXWxZ7g&google_cver=1&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0NdMm...

170 B
243 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0NdMmu3fnAZh_I

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGNKEenGykBeRiahf8h_FSzFxvbbOi8BteBD7aHOpTVaqLRaOp5aXEIDoBfTuxbhT9uNOGvRz3CmYJymt0NdMmu3fnAZh_I
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFB9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDTOLuWw8q6ikAoqGC9pqZY&google_cver=1&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm1...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDTOLuWw8q6ikAoqGC9pqZY&google_cver=1&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20C...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMyNzcwMjk0NzQ3NDU5MDEzMg&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqv...

170 B
188 B

43ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMyNzcwMjk0NzQ3NDU5MDEzMg&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm10NrgKSJX9oB4S-3ofC0i

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzMyNzcwMjk0NzQ3NDU5MDEzMg&google_push=ATf1kGN7F0W-IoM8KMT9wuU90vg9YGbsH2nAAesU-zyuvIcwHfdgZH991ZIKIlEYOIuvWy_B20Ciqvm10NrgKSJX9oB4S-3ofC0i
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame BFB9 43 B
245 B 103ms
51ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDUbJLillqFsKltxLfEw704&google_cver=1&google_push=ATf1kGNYkOiLpLcmFjM16bcBlmekVsEjo_UxZtdgO7mnkx5s_E2AMThSAK7CeaAP1NjpR3mB_3OD29wdcQ4BOHTMvlHNKFPm05Rw
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BFB9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E7lFpLLaSmuI9FMpY8Sa8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E7lFpLLaSmuI9FMpY8Sa8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNmLWnlAFF74O7itZ2Zf5R_dPVdEuGyzDZh-s9zwy2YtlIrePoHnSClD5HUkd3y7FI_HHOfFX5XEL8lanrWBfvTI-p7yGo

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=E7lFpLLaSmuI9FMpY8Sa8g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNmLWnlAFF74O7itZ2Zf5R_dPVdEuGyzDZh-s9zwy2YtlIrePoHnSClD5HUkd3y7FI_HHOfFX5XEL8lanrWBfvTI-p7yGo
date: Wed, 21 Jun 2023 19:44:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BFB9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGNJESIjDftAHkZhyOVOh...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&google_hm=A52DkGDZRUnhlXtDSRAjt00

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&google_hm=A52DkGDZRUnhlXtDSRAjt00

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGNJESIjDftAHkZhyOVOheqIAGrkSlqpnJS8twAIWoHoTdY7qbewhzPsWXiXilSMIo0E3g3DOFPY9KzJka2eoPZE9zpqdENj&google_hm=A52DkGDZRUnhlXtDSRAjt00
date: Wed, 21 Jun 2023 19:44:58 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d839060d94549e1957b43491023b74d003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame BFB9 0
45 B 164ms
37ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBg6Y19jzzAlx-w_qs5FtbM&google_cver=1&google_push=ATf1kGOVfRpiZRFNmw3kO4mD3o6skFNQ1Zu5uGmXIG-HeIVPb-wDIHI_W__mfGpMouUFfB32dUyHh4Fr-AvHbgQrI-SEl7TqtyU
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BFB9 0
139 B 97ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0juJdKEWmrNZziGLI9kOuE3FQlOvRqa_8vw11MTshv2gNhREgNU8B8eSFp5EIBg8MFZNL

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74EB 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1098
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1&C=1

43 B
632 B

36ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNWl2F0O6BytnrBlWK9L0lGTIzs8ifHtmtPZ9RRrhUvivu7iz9ioo_Sh5r-cfmBSYi9zKiSoHhm3xoiMwZ2J9fvRCgOBeX7ap3vJNeMP3tpqxaRCR0jsvdxV4GhMNCbkgk5bJAWiIQybmEqj5OF6QrnSkusjaySav2INHWYd8n2dfRC8kNIBkNM9uY305YfP7aI5-vTh
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1098
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNWl2F0O6BytnrBlWK9L0lGTIzs8ifHtmtPZ9RRrhUvivu7iz9ioo_Sh5r-cfmBSYi9zKiSoHhm3xoiMwZ2J9fvRCgOBeX7ap3vJNeMP3tpqxaRCR0jsvdxV4GhMNCbkgk5bJAWiIQybmEqj5OF6QrnSkusjaySav2INHWYd8n2dfRC8kNIBkNM9uY305YfP7aI5-vTh
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 1098
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqIoS2AHzViaxL5bGTXAaY%26google_cver%3D1

43 B
1 KB

24ms
23ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqIoS2AHzViaxL5bGTXAaY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNWl2F0O6BytnrBlWK9L0lGTIzs8ifHtmtPZ9RRrhUvivu7iz9ioo_Sh5r-cfmBSYi9zKiSoHhm3xoiMwZ2J9fvRCgOBeX7ap3vJNeMP3tpqxaRCR0jsvdxV4GhMNCbkgk5bJAWiIQybmEqj5OF6QrnSkusjaySav2INHWYd8n2dfRC8kNIBkNM9uY305YfP7aI5-vTh

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
AN-X-Request-Uuid: afccc0aa-1c09-4fb6-85b3-fab5d1903f90
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
AN-X-Request-Uuid: 5927b58b-ba24-4153-b8cd-bcf49efe680a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHqIoS2AHzViaxL5bGTXAaY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1098
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

170 B
188 B

35ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:44:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 980e985b-14f2-4c20-ad9c-8ad8cab6a738
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C687 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3019666486459&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C687 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3019666486459&version=m202301230201&ct=76&x=1&cor=14066248377912650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C687 102 KB
39 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0AqpZSVrmzkiVeJjEIYfGcVqkA5TQb1hASsEMI_m4ZSI-a79PyvPUnL5twZB4Dt-WbY8OBCZPkSj0XlCwZSnYG483wwZp2QDrbepHhXTr6sz6_uwrC_sgVy0HNk0iRfFNP3fNGJSmHA1ezq3JsLUOuV6GP28288uTLnVa9xM0BOkN-_o&dbm_d=AKAmf-CR2TwrYqcDUOx29-JncNZsf-3498I9hMedohnzk4t1xlt2K8pni6NfcBhtqCDkSE9qownRUxyATCioRfCUs275MNhczkJEBZGQHuMMQW_Of2mZSGHO8AUPAjAABv2ioL_iFvR8dXq4Oid8egHGPZkxwARQElDzauoOD0C5WmvHQNVn_KSCZYVYbViEoTuo0KxWv6Grapjx-9hR38OK5WRAUrJGY9cR3-pkwEEKEomK5n829CqWE_xcrqvm6W2BFYjbsBd3W7uZ6AJHuMxX3XUPrYue4bGqP8vqdXgHC8CDdKeDXdyyaOrkIvg04btQyaFProceX6O4mJ_3XJ0SaxvG2sPe7vX6OdUyjvVSVggBph7xVk59d1Md1PRvRjCdgvV1pcMwDhNvArXUpdR9PvtLeVlWaewnKiod_3A3k4xSTN0LG26l5Zw80J_Q66SNe-KjdpX7yGVNxkdJOnbkplluQwiOSzvKsEamdz5vJHJiQnnjzEWmF0lUCeBCyzEd2KWDCt5cydBCO6OX_mZnFbkEnZwOkTFqLhuj8yN5rKTYuXHMV_7IvXs5Vhcz2vLpvPTTs2V8BNlTfm_rQtrtZUYitGjdIEfOOwK_aeSOuaRezgiWKoGFXvSIv-2207lskqnq-DTXAbXUNO4a5SaAUuDz3rdeMf2fCy3A0KhNmIE7regbUOXP-uZ4hLqEzq9VTKOMN-VQ7XQBVPbifJtG3KWoMI0L7f8T4yF-URAYa7bVHYr0ImIcD2klHtZ19UdFPf9PFXRzM4wU8BL9AkhGVFqokiJOW6Rsdat-dsSTEXUlO16XOHLJNV0M2Q7M93js1B2pNRwSsxZjxqB7Gv87uEURvd4JlpwF4TnSsnCBBDUnoQvHy-8Ms3NPfeB11AD1Elr5CZz1AeZv3DmgWy7ACyLr9T43op5ZZUe9qbF96_jD5pulK7640wRG3TQvC4D4i82lzKbC1j7DXCwz8OZ3SXTLuMXM6-DqaOw6US1W6hYt2v4DLLZLlMLS_WQaD5IWW8ncAA_l_Y7LMQSsArrzKgV5DeGwLIUPhoIyhxtiTzC1JpTc7As-I_8vlrBZa9LkGpkeMD2wWDigMwfO_tWM3325a5rREK3e0VmGfLKKTNCPZzJ6h90c2FqvoE9mn9JYtqxhiyvfUYPxP8rS3jOJv4A8-O3xBdcgtwrBUS2rWiP_S95qfQrdi8wBwEaPQJVCafmBHcRMXdkpLcacjKf3E7d-MVbZOceFAa37dVPtKk1nTFMpR1CMepID0FlsqGsCAhro8WTkC-XR8ifIc8qdtcApmDK43CsKmYD9lzlKS2ls2pAHNEKYJXi6J2hE0aJjSuAXLq91zjkYFJTcJsLu2iC_CLl0s2vztWrVcwqemmtvmcsTk5Iq-7BBD005qRNdtFmy6Dhg_S8HogbiDhLo1IBqqQqPX4vEN_w7An5wEZed3HJ86fHhY4fzcmEQEpUvs-E1r3haKwMjnIpUkXeFz6riPGJAbXq7E4dS_qRYitrYKO6K0zMvjVEJvAjJa_1pp0aFasSL7tMTTezgdhQ9ujjrDXmVCubxmc1Gm63Qxc5YIjbgtb5K95PMHnI77MpjwDtiHCdvlJqHVzRI57S3isOzKX9a6tXK0kSC2whSLLCd9BpkKcd3A0xIpgOXkZ0N1fpDcjaNvVa5QsKsSaRTCOKvf4tcE-pnBa_pTzFWs-wrWD3xZyGyugLZCeve2sYo5kavQrd6_QVY7YXg_zijlDL47qeJ5Yjw3f6oC3jbfRJU2tWIe8lmvRZwDGL77XO6GZ64jgvKHxjqtWWGJhtPMAu080NKuLMcG_E22Z_wtgALTaWalOxYaD-pCyo956dRlXlOXGZYVuSqE7MVvlO8d6WwgY6LwhpMwb1joszk1Vq7Ygopb27Q7ANtbP8tVY2ff3PWlYziQ8HT_l_nMaZoPcP8x-LlW9KDP_1Z88fjeR36qj8JhGpdcOGhjtsvulUc4UfFD3lr1-rmLZc3X88x9NGcndWiJxXLLznTMy2GmN3mV9LGA8V_jY7r0wF5RnBR4Aa9KKB5LVqzpjfvkrMV9YMZsj2ykJ8oxpM1rj0FWqZspYvgQH4i20B6neQcOd-epN3T5tJ8BGg_6LNhzszAfw7JkNAEAKxAnMMDzz3EcCXjmCPWGbTkJHB_JJnAV5msIo8V_pNEHcN1qbfsRs_0zf_meq9XsTDrdY48N8CMfQtwA7yy8ReU2fX-bsBU-GAd3HXMMaiYMHQLtoiU-IVY7vBJ442BEXJ1P9NkHnYE3cE0qEOxGo0ojCmFKPcu9mZJHsZ6fJIjCYfwJoLOVrEgjHSBWsvx7MrCvJLQfWkTMaQHmEFq0_0KBXmBI_180YGNkha5nmrGSezYXge6jR_FYyBGAQO9OYJxGqtsbKIoqE7O4iYl3gkFDUAEJ4VKsYRwGT664qUHx3JTI7HzFaHOKLIgX5wSMLNbMyfeG0SjFQnMv2Kd1rnaog4_UP34v38lIUksx6FydusWcrfr39tPkiaplgtcc0IdgH6TvPe-woBzLmg52-yv95xZwwpTh67gnLmmmrrdawGa1H1yZzQo2boZMm6goifppQqTTwVhcSEfhIFmJvvYBygBxMKUP9L55PbjtgqQmilQXCLeGg6zqf63g16rBrEBxQJ8NzEmZeQrDGAU-5Bj4nEe04KX2EQenSqh8jp95WxZS1nmygJ6qLceCRVSGJPI_PUNdHDEi65JvMJpIajq0e31V8ei-6FGFAQTIc0nOZMRZ5mGiMzRwPYgplFnjqjNJgFvCDKuLtFgVCikdOG2tvznD3cDWlq0Wdbh3fuQLaLkTM8eVryw7_j5mQiH3b-9vkqbY4OLSal44TTqML-wt2xK3Y90mGkT9CxdQXBf-hKA9tZmRQlx4p2TLhK9s_HF1VfYkaDJYXE66JYSlsOHOubitRbAEXc6gh25jI6m3XdNKW02YaselQhd7Xr1HHSwWHPQi3cpdayqkbCHttHqWSOmAPwIwQrXYLFPzXNoQimjwVU9fgRbzHNuYtyUYk-cHjoIv7mKgEVVbKQeuIgXPkzQiFRXNJv14De2KON4ll1UzONbkvQN_jQnVGrxZvkBbdeNa1hGhqjQjd8_IrFXDZ6kz61_NNBQixhBHcKgDfigL4YfMC8jCdLkEm0sGPSNbfXE9FYbqIpw4rEHn_b5rS37b4ocGoy-DunaIGjedQA1YgGLQWQfDrqq4HS8Pr98gYgNkqMFRR9UOhFNTzBHROqDAqdIoKMk0UzxKHB8KwtcxjGyw10vMLssz2kON7V1rzxMJIpjt43zDOaSTL2OXEuAbSrG7YfS8YCjX0W5CSyk1XAw0VBgQ5YIj7Xt6bweNNMoFgik3rNfxWKGc5yW50GHgjn3G1GAdas0aCl0ZEsgxuku0odvjEcb2OKR4UlETNj4MMmBjeoI4kzSSfnSxCmmVqitfLstHaVkgH7pUtEhy9IHPtO3xZQrTqHJUVqpbZ45HGapc64pTHQ02NLwn4vEst22DTzjpD-TbbIJBLIJ3zmrkFbqWzULHLMoLyfJtj75SCy5hcFUTTxoH7Ewg-xqVcxiMVtkvZT1X2BXsOhuT_zOwb1ES0nCmXZWwx1cMnsUBwQ8gyVg_cRhcQTyF0jumXGDrrzRmXCi8PN2wnweiYXpZwfokGrI5c3NvczFsH2Yh4eIo-UBVGe75NeHA0rC-tARu1Z0j0LuwL5rZr5cx1lx3Eiz1jVK7vLy6LbZPRu6dTcGj9gmNAeKpezfTZzoWaNiFsn5MARZsr3V84IZpHZnaOkDuNGyZAR1QGwbf_ARlnGt6c95y0inROdXL6tNOK6Sx88Uqqa88vSX4vGLfTQOf7ATvMWmsXPCigg2808ZO-Jldn5ATxY-UJw&cid=CAQSOwBygQiD0MFoyCXkIJ5BUbUm9rBjK_UDzMG6uxP25-smX1VA2hSyz8Vdv-FgERdwBcig0Wp2wlrzDskTGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=14066248377912650000&adk=2228999115&idt=104&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07d52b76cecb08d6f2487da01d088f491815912f747bd22a86c4ecad988773f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 496A 624 B
242 B 66ms
64ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNWAXJ7iO94sLJm1gQ_39I5CjGsUb9lxHmkFbqphe2HqZB-t6fHOC0r6H4HcmkT1nIWzP8wQ1iMsYNf8H4DZzzYj2ZBkEUtCRBaFI1dYsJQXkoF-1emAbcWGNBIC8-mKDvjSYfJEbQ4369gXoBbmZyViwaDHFBsEasKWWXQZDuePXY2IsGf4z6QUBIgCHl8tzhCCav-A

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 74EB 78 KB
27 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZfF_-F2s0fSX7Z3T2WOEionVxW9X9tabdsaTmPUXturo_Et5KHqnGxRQMs4IveXBvq4vvSQnHfK_rRQjlX-3X2DMXfQ-95IgXFvRhuwJufQleD60

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 0
20 B 59ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12523580099974610879&x=1&ct=76

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 74EB 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 74EB 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 74EB 0
0 31ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTc1X5DRHX-LC4DULzJagUVbbU4jFNQqyfE1MFGkYzwCm7coHbzKhEvG_WAYCXZ9P8MFqQ_RTPTYHmaTgdWyY4KbGj3Qw
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74EB 178 KB
56 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E28B 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BZ2hYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 496A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1

43 B
632 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNWAXJ7iO94sLJm1gQ_39I5CjGsUb9lxHmkFbqphe2HqZB-t6fHOC0r6H4HcmkT1nIWzP8wQ1iMsYNf8H4DZzzYj2ZBkEUtCRBaFI1dYsJQXkoF-1emAbcWGNBIC8-mKDvjSYfJEbQ4369gXoBbmZyViwaDHFBsEasKWWXQZDuePXY2IsGf4z6QUBIgCHl8tzhCCav-A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBeM-kC1fUmcNVHsp8rHaWk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 496A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnzNgjwBIdzN0ZzC-HvPCQ&google_cver=1

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnzNgjwBIdzN0ZzC-HvPCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNWAXJ7iO94sLJm1gQ_39I5CjGsUb9lxHmkFbqphe2HqZB-t6fHOC0r6H4HcmkT1nIWzP8wQ1iMsYNf8H4DZzzYj2ZBkEUtCRBaFI1dYsJQXkoF-1emAbcWGNBIC8-mKDvjSYfJEbQ4369gXoBbmZyViwaDHFBsEasKWWXQZDuePXY2IsGf4z6QUBIgCHl8tzhCCav-A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECnzNgjwBIdzN0ZzC-HvPCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 496A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1

43 B
1 KB

269ms
269ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNWAXJ7iO94sLJm1gQ_39I5CjGsUb9lxHmkFbqphe2HqZB-t6fHOC0r6H4HcmkT1nIWzP8wQ1iMsYNf8H4DZzzYj2ZBkEUtCRBaFI1dYsJQXkoF-1emAbcWGNBIC8-mKDvjSYfJEbQ4369gXoBbmZyViwaDHFBsEasKWWXQZDuePXY2IsGf4z6QUBIgCHl8tzhCCav-A

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
AN-X-Request-Uuid: b12c27a5-9c89-42dc-b95b-01e6e8dc5244
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHqIoS2AHzViaxL5bGTXAaY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 496A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:44:58 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: be4559c4-a711-41d2-9f6c-470756c40bd7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA0MDgxNDMwMDA0OTQ1Nzg2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1431402/70901275/ Frame C687 244 KB
73 KB 165ms
47ms Script
application/javascript 52.208.62.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1431402/70901275/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20006179863&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iQtXWvnzALQcN97jhmJ6fE
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.62.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-62-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ad79d7cb23cb884826766aecbff4c9a4a58b5570ce22a869d20ae2148b79ea9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C687 111 KB
39 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Origin: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame C687 11 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0AqpZSVrmzkiVeJjEIYfGcVqkA5TQb1hASsEMI_m4ZSI-a79PyvPUnL5twZB4Dt-WbY8OBCZPkSj0XlCwZSnYG483wwZp2QDrbepHhXTr6sz6_uwrC_sgVy0HNk0iRfFNP3fNGJSmHA1ezq3JsLUOuV6GP28288uTLnVa9xM0BOkN-_o&dbm_d=AKAmf-CR2TwrYqcDUOx29-JncNZsf-3498I9hMedohnzk4t1xlt2K8pni6NfcBhtqCDkSE9qownRUxyATCioRfCUs275MNhczkJEBZGQHuMMQW_Of2mZSGHO8AUPAjAABv2ioL_iFvR8dXq4Oid8egHGPZkxwARQElDzauoOD0C5WmvHQNVn_KSCZYVYbViEoTuo0KxWv6Grapjx-9hR38OK5WRAUrJGY9cR3-pkwEEKEomK5n829CqWE_xcrqvm6W2BFYjbsBd3W7uZ6AJHuMxX3XUPrYue4bGqP8vqdXgHC8CDdKeDXdyyaOrkIvg04btQyaFProceX6O4mJ_3XJ0SaxvG2sPe7vX6OdUyjvVSVggBph7xVk59d1Md1PRvRjCdgvV1pcMwDhNvArXUpdR9PvtLeVlWaewnKiod_3A3k4xSTN0LG26l5Zw80J_Q66SNe-KjdpX7yGVNxkdJOnbkplluQwiOSzvKsEamdz5vJHJiQnnjzEWmF0lUCeBCyzEd2KWDCt5cydBCO6OX_mZnFbkEnZwOkTFqLhuj8yN5rKTYuXHMV_7IvXs5Vhcz2vLpvPTTs2V8BNlTfm_rQtrtZUYitGjdIEfOOwK_aeSOuaRezgiWKoGFXvSIv-2207lskqnq-DTXAbXUNO4a5SaAUuDz3rdeMf2fCy3A0KhNmIE7regbUOXP-uZ4hLqEzq9VTKOMN-VQ7XQBVPbifJtG3KWoMI0L7f8T4yF-URAYa7bVHYr0ImIcD2klHtZ19UdFPf9PFXRzM4wU8BL9AkhGVFqokiJOW6Rsdat-dsSTEXUlO16XOHLJNV0M2Q7M93js1B2pNRwSsxZjxqB7Gv87uEURvd4JlpwF4TnSsnCBBDUnoQvHy-8Ms3NPfeB11AD1Elr5CZz1AeZv3DmgWy7ACyLr9T43op5ZZUe9qbF96_jD5pulK7640wRG3TQvC4D4i82lzKbC1j7DXCwz8OZ3SXTLuMXM6-DqaOw6US1W6hYt2v4DLLZLlMLS_WQaD5IWW8ncAA_l_Y7LMQSsArrzKgV5DeGwLIUPhoIyhxtiTzC1JpTc7As-I_8vlrBZa9LkGpkeMD2wWDigMwfO_tWM3325a5rREK3e0VmGfLKKTNCPZzJ6h90c2FqvoE9mn9JYtqxhiyvfUYPxP8rS3jOJv4A8-O3xBdcgtwrBUS2rWiP_S95qfQrdi8wBwEaPQJVCafmBHcRMXdkpLcacjKf3E7d-MVbZOceFAa37dVPtKk1nTFMpR1CMepID0FlsqGsCAhro8WTkC-XR8ifIc8qdtcApmDK43CsKmYD9lzlKS2ls2pAHNEKYJXi6J2hE0aJjSuAXLq91zjkYFJTcJsLu2iC_CLl0s2vztWrVcwqemmtvmcsTk5Iq-7BBD005qRNdtFmy6Dhg_S8HogbiDhLo1IBqqQqPX4vEN_w7An5wEZed3HJ86fHhY4fzcmEQEpUvs-E1r3haKwMjnIpUkXeFz6riPGJAbXq7E4dS_qRYitrYKO6K0zMvjVEJvAjJa_1pp0aFasSL7tMTTezgdhQ9ujjrDXmVCubxmc1Gm63Qxc5YIjbgtb5K95PMHnI77MpjwDtiHCdvlJqHVzRI57S3isOzKX9a6tXK0kSC2whSLLCd9BpkKcd3A0xIpgOXkZ0N1fpDcjaNvVa5QsKsSaRTCOKvf4tcE-pnBa_pTzFWs-wrWD3xZyGyugLZCeve2sYo5kavQrd6_QVY7YXg_zijlDL47qeJ5Yjw3f6oC3jbfRJU2tWIe8lmvRZwDGL77XO6GZ64jgvKHxjqtWWGJhtPMAu080NKuLMcG_E22Z_wtgALTaWalOxYaD-pCyo956dRlXlOXGZYVuSqE7MVvlO8d6WwgY6LwhpMwb1joszk1Vq7Ygopb27Q7ANtbP8tVY2ff3PWlYziQ8HT_l_nMaZoPcP8x-LlW9KDP_1Z88fjeR36qj8JhGpdcOGhjtsvulUc4UfFD3lr1-rmLZc3X88x9NGcndWiJxXLLznTMy2GmN3mV9LGA8V_jY7r0wF5RnBR4Aa9KKB5LVqzpjfvkrMV9YMZsj2ykJ8oxpM1rj0FWqZspYvgQH4i20B6neQcOd-epN3T5tJ8BGg_6LNhzszAfw7JkNAEAKxAnMMDzz3EcCXjmCPWGbTkJHB_JJnAV5msIo8V_pNEHcN1qbfsRs_0zf_meq9XsTDrdY48N8CMfQtwA7yy8ReU2fX-bsBU-GAd3HXMMaiYMHQLtoiU-IVY7vBJ442BEXJ1P9NkHnYE3cE0qEOxGo0ojCmFKPcu9mZJHsZ6fJIjCYfwJoLOVrEgjHSBWsvx7MrCvJLQfWkTMaQHmEFq0_0KBXmBI_180YGNkha5nmrGSezYXge6jR_FYyBGAQO9OYJxGqtsbKIoqE7O4iYl3gkFDUAEJ4VKsYRwGT664qUHx3JTI7HzFaHOKLIgX5wSMLNbMyfeG0SjFQnMv2Kd1rnaog4_UP34v38lIUksx6FydusWcrfr39tPkiaplgtcc0IdgH6TvPe-woBzLmg52-yv95xZwwpTh67gnLmmmrrdawGa1H1yZzQo2boZMm6goifppQqTTwVhcSEfhIFmJvvYBygBxMKUP9L55PbjtgqQmilQXCLeGg6zqf63g16rBrEBxQJ8NzEmZeQrDGAU-5Bj4nEe04KX2EQenSqh8jp95WxZS1nmygJ6qLceCRVSGJPI_PUNdHDEi65JvMJpIajq0e31V8ei-6FGFAQTIc0nOZMRZ5mGiMzRwPYgplFnjqjNJgFvCDKuLtFgVCikdOG2tvznD3cDWlq0Wdbh3fuQLaLkTM8eVryw7_j5mQiH3b-9vkqbY4OLSal44TTqML-wt2xK3Y90mGkT9CxdQXBf-hKA9tZmRQlx4p2TLhK9s_HF1VfYkaDJYXE66JYSlsOHOubitRbAEXc6gh25jI6m3XdNKW02YaselQhd7Xr1HHSwWHPQi3cpdayqkbCHttHqWSOmAPwIwQrXYLFPzXNoQimjwVU9fgRbzHNuYtyUYk-cHjoIv7mKgEVVbKQeuIgXPkzQiFRXNJv14De2KON4ll1UzONbkvQN_jQnVGrxZvkBbdeNa1hGhqjQjd8_IrFXDZ6kz61_NNBQixhBHcKgDfigL4YfMC8jCdLkEm0sGPSNbfXE9FYbqIpw4rEHn_b5rS37b4ocGoy-DunaIGjedQA1YgGLQWQfDrqq4HS8Pr98gYgNkqMFRR9UOhFNTzBHROqDAqdIoKMk0UzxKHB8KwtcxjGyw10vMLssz2kON7V1rzxMJIpjt43zDOaSTL2OXEuAbSrG7YfS8YCjX0W5CSyk1XAw0VBgQ5YIj7Xt6bweNNMoFgik3rNfxWKGc5yW50GHgjn3G1GAdas0aCl0ZEsgxuku0odvjEcb2OKR4UlETNj4MMmBjeoI4kzSSfnSxCmmVqitfLstHaVkgH7pUtEhy9IHPtO3xZQrTqHJUVqpbZ45HGapc64pTHQ02NLwn4vEst22DTzjpD-TbbIJBLIJ3zmrkFbqWzULHLMoLyfJtj75SCy5hcFUTTxoH7Ewg-xqVcxiMVtkvZT1X2BXsOhuT_zOwb1ES0nCmXZWwx1cMnsUBwQ8gyVg_cRhcQTyF0jumXGDrrzRmXCi8PN2wnweiYXpZwfokGrI5c3NvczFsH2Yh4eIo-UBVGe75NeHA0rC-tARu1Z0j0LuwL5rZr5cx1lx3Eiz1jVK7vLy6LbZPRu6dTcGj9gmNAeKpezfTZzoWaNiFsn5MARZsr3V84IZpHZnaOkDuNGyZAR1QGwbf_ARlnGt6c95y0inROdXL6tNOK6Sx88Uqqa88vSX4vGLfTQOf7ATvMWmsXPCigg2808ZO-Jldn5ATxY-UJw&cid=CAQSOwBygQiD0MFoyCXkIJ5BUbUm9rBjK_UDzMG6uxP25-smX1VA2hSyz8Vdv-FgERdwBcig0Wp2wlrzDskTGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=14066248377912650000&adk=2228999115&idt=104&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame C687 30 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C687 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5502946254542&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5502946254542&version=m202301230201&ct=76&x=1&cor=12523580099974610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 74EB 93 KB
37 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4tG-Na2YpBm6nK7F8G8ZayzkV_OOr01ytCAI-amFKq_TnA_iD3xnUs8M2rpO_TgPxrazBbxlOrFxXEpwcd9z5AaW2KUkA2xTF_vFLGjl5LCFvCGBtRMjFu8J8yl3P4CH2tnpU5UJPucdEOmqNH31aTRtBep17T4J1qNfsNdoNkAdar-Y&dbm_d=AKAmf-AM3e9HCLTIfS7EUCQ3Ghe6QGKxsAS7rHYbcbf7J_PwuX_JsbPFHtH5GA9HAlo7h5CGVG8JW-aVDrUmj_UOWtG7T9hb_FaVXxBuExwkaLZjwJmtPIpZCItBNLi6EXjKxScH7XUXhv50DRte3sbT-zcCNkDZ3VAJsis0XWtQfOJeezNxigq0skg4VziBFCTJGyXyJqe2a_EveFHom2F52lBD3EAnH5nR8Kz72M7wEAtQHtxSUcEZHrOj58jSOPAxqm-keqKfcS3VVNxHaORIC6Shg3HavZdAJw4LD7OY0J5TRnXIf_xoGfuMTUiOBrd7HtYctj9Nbu0QFa2goT_3ZB5hl_4S8TMjoSVKZPmROan2Vl70DNfRhHXWADbzNaB4WCQjjXvVhOr1eTO7XELx_V8AvRqiiE9O1U-2T1NVkuKoPETbsg4Uebr2wgz-iEpBlEcucfJijRsHJ5khWGp5uuftDe7UlqmgPO4OLFJPGQaV_M5K0Vp8RUkAfMYJNVNQ7OCD6xY8a6lcs6CzFi0Z77XlG68CWwSPulb-f1IDwoNv7Dg8kYdJUThrkvlUkJzMiIzY8Z2mftMpUXOZuY4_sPCzH9eAThPN4YUNrh5jSEqVKjOCu9ss5gxF9FpZ5q4bGaHYs-xQipMX3AtrZTO-T5WqaCQCvxvsuIHJiX5DlFLw3p1Bpzu1kTxNKeximuDeI753TfIBvBspNQsOJHtCN5Vmh04VG9bTHwE7mchReZ2kO24GKaSLg4tA-eYan651-jGg9UBgl3xiq-r1uyz5WAEF3_StkynjsrB2yALBetFsRko5FCOfaEAfUu5vU8N0dbI1mwAfYDjQVONjRnSkZtoyfmFgnKm5ayQmpchxqKzJTAM5nFu9NMKrT-wN7qywiI6pNeyxovxguBf8kcJ0TPWrGPjBhVNMKhavBbr6xGQ66tbvou_0JnzJiHO84f7b-LXYNYWsAd6lNDLed1dQLJyrB2VXedfpIYMtCtTQ0yah8IcvD7_eQR2J6oS5-aSdMkn9cW7XqtxIRD6hDddRj64QmoWHqDZG3uMROmCqcKIEL7Y1NgwYlVb8dvU1DZjs7jxcjXweXJMmmOg-UDdWlBnaoltOZe-YeD63AWgZJvWNVOTY1MGHp5mwKf-BYCRgC6l0GoSBdufm_lx7rxQe7hZuKDcbKA1sG23Ruaujz7n8NHZUlluHGozXDR24uL1QtCVk9pbQzhaOJ0Z72gUrA08nYt4jDPjgb-1jP9Ua_6fKNR7e1Bv3ttw6w8b9Qm2_cCWjWBr4Bp9v-Of3qaxxs3_aUUn0a4VazJnKQfjIyeZerIJtdS2z2RqUMsf_YWQMOkbq2ESylOhP3vdfrUv1OtkTKR2PioX_hVKhijJ27eKFKIiOwlt_houyy0enCo9UzXrszOoQt5lAXdUiwQAd-MSCivGlPG0pn4E8B9hSn9RzAkbvfYhU0O9pWVKWa1kcynMmI_3eyAwVW1bc06sL421vKsHdA91md6ILs6itmZF252vXC5r4IjBeJARkSkeVcQBSHhIZZCWo_Tjm9SD4BNmiYB6stmMRusKc7gMGMB4L5MItFc16qdmwLNXNDllNawAm8YhGkQCRr9HmzV-240ljZP1OYTqOq4hZc3ToRCiUogBJKu3AnWtJfIv5P9wZfedGROS36VTumJ6CcM1bUQIU5j6-HGJYskv_oSFLgKYfHnHeJBcA7fAxLdL2mturmnsCtNGgS1oH2AnhhpTD2TCCe61GTb8VBG1mbibuVRJGQ7WtDFNnyO97vbbGDiEcG0i58bEsF9QUMGOFEvGEnKE8epYXS82fgRGcydF3PuNatlB6bT3Y7M_VLbYUc91Nqg2K1tcC88yA87jL-FXnz67yiezww2Ir-uLSoXzEFKhJJFh0qZNiFaz0xEEzgddcIfRvqh3yypC8mc4ybYf9DLfdRprqeSFe1T0DxE8NlzmDdKLG1PeiMqU9t1gWhma9FzFGc9YXIkVGT2XJ9SVp5hwtaKj86v-gESP4_LG7BbvAN78wwd34MVZi3gvncvXU-edbwQL4icCInliV0_XsToVV8CtArHjYJhz9Ks1AxzOE56wYvRufouA3gw1foEMuz3m89koDEi-Gw29oXs-XzD9vvH0a8LMX4U8sVIxw1CDTrfJLe_s2CxO5aLJ9dSQkomIK8o2-yJkeeNbnnS6S0Yxse8gpLsHfnBoR6Akjpsh_qgnvxOpEsV_isZGzAEblYAevBFQLiniSzbHICDvY0A8m7KhFD35gwqlqsr3CIOY3ENfyVNkiLMF13vDpBruPUlypFA5c6Y9zbV5wMLlf7lICuRx9bl1rZu90nA5ZfhYK_My03lOHo6wdRca94e6lyxA8GLlf4EGYrKHo90Gfi0jSqMjE91kvZe_uHo2E6G7ZDKIFFNT7aSVqTI09x2otB07AlNfufMnn85Ndfk7Li8D3esLOtbGYHOY2tjUjKT915WXGsODb9vDCXozdwhxOei6TVOIeSQXt2J7MK8C4TDMqBWdN5JetVIkUSccIbvrshr6hHWp2ScqlTfYLPVQpwG81qE4n4T1g2pgAaFUMJJmdsvAJP9f0xi6oyTRiCKxadeppK3VnxEVblpnSEV3i-j31fVDPYdkw6xA041FtyMmsb4zcDqqmzWcLxyNLUfHdiKjufSRuWKCd6kMFhvkOk3AuHeR8EFQyegDilFBYigkhKXpiwkw-E7Jq_BmbUQp648bU0IFv0y-Y9eVG_5i-VrP1aw8sJvVSNjO1mI0x2lwrsXSc9bjPN47M_kmhcqaeEFTL7O3sDjCMkOYW9DEIQPfNaeFxnm3j6bTi43cPDJ9r8uzHZdrFLSCN4oPCp39wsraPxpyHcygsk02tZ13DRdDgydXgn4s5vliYqPj2vP9Grd0GwpljPMfSXFMipVRRoXS0vktFclMOqmvVuNxluPOuO6CMU1RxDwU5suqEi7AnyDB8879ba0Siq6bFZYxlMgCoxxe3OfUS0Nez8E08rjvcy4oCOhaxrILAYcebdvJT-lgA6EC7CKqs7_rTeNL6hH3tiMgF7SQiWoNFhZ-T6iZ-C3qyFsgHU4LXt_nRYxj5JsCSyhyzEXr7CE8n9AV2ApSl14WwHARq_opLvCyz3m3vfZ_5JqSRBFmoI0RqEpS8g-CPJ0ecmU-qO5rcZsjUGZ495qU0H42rmfZtb_p_EC7Dr_eXIB1cFku9X1FZ6NWj7J5QeDXo2faMT-uXsJB4T6XukeuhQuW-TUu0ejxzcC00x7yPp7aS9u_20vZsCTLitvYfGqdA503UZWJ-lyEEHrjjzWDAreNdACpDPl7VUHqlxHm9dcErT1BVTx3oAbOE9Z8sTLBrHp_SXhnsQE4oG3aQAv8cslf70GIZSz2EnMSNDDH8XelJHJM0ULbA-FkBlUQAQv44F8z33LcSaKnzr3T6T6RiynULtFfCJYak2xO9CP7MU8NojI7YtDXn46SZXWy9Wy552UdvetdOSgEZ1qYRLvuItZS_AJwrNCdLWXuoEJiqXjNagM6tNUz89M0RoUqMuSrP2VvbwFPDvBdbrWA7NkMoOymwTNNCL6_ME--ljQ0_-FJ5AGmD_VSLfd8lrt5QYLjs8H7P2lN70Ct_5ZQePv-TbF9wfxggBI_97iepGi-Mux7xHmUqAINnvmrB9xE7e624tSxDYMGdjofICRyIYs8WuEWku3rGKTPSGXEmBFaXa8u4gd7lhSbUFZje2M01sg&cid=CAQSPABygQiDOJGQf5GGzGUZj-KRHMPyvpWWURnkzgXadqnDJuETuT4-1wsplRwQoIzRD8MmDU2q-qOHlaEy2RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=12523580099974610000&adk=3047537735&idt=86&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d619b2381851b2fa0a8f1dc881bd9d3353b1bf55a06b3f3e2abb08320de017a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 651E 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C687 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36d4e628911d3dd84b7c3bea29635233d7d135a1ff87c2b866726b58bb2d53bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 651E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw...

43 B
418 B

210ms
200ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7daebfd43b65914c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 126
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECeXPmBS3TJX_TBKpuZhwTQ&google_cver=1&google_push=ATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMvxWdYseei6t1LT4R4lolqNcmTU2g3TdoZ3m2ZJaW_mJe9MQtbtyHHgEGuPq7DZpFmGbAtdkRd5HppfOUfYQq62mA76Vw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7daebfd09e88914c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 651E 70 B
265 B 147ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMn0abIbOW6Uzb90Jc0dZso&google_cver=1&google_push=ATf1kGPCMwh-zASyzqEM9v5CuDyOh4ZNW0Gcb8Qkvgk99ZUvB5rwrY8kvg9H-0fgnk17gUMC07ZmyM5tVk5QZXDOubhFXgN7DKN6
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENdX7Y-fWR7-fscuWYCzpyQ&google_cver=1&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAK...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAKstTR...

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAKstTRfdgIRQeA4D

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI0NzIyNzczMzk3MjQ4MjIwMg%3D%3D&google_push=ATf1kGP0IuCE7Yh20jtwAvroud96MmlWNQulIIpwobz0hx6bp5Qe7TK4bhgLKkAmfHuCL-kzUveFCGf2ZAKGAKstTRfdgIRQeA4D
Date: Wed, 21 Jun 2023 19:44:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGbsf3GJzjLeJmAso9aMp5E&google_cver=1&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0G...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGbsf3GJzjLeJmAso9aMp5E&google_cver=1&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0GqM7AMa

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGN6Nff8XVaO8tm-NuYzCid95w0cKxkOBD3Nti6JqAGytCWtFRjkQvNIOlYkN5pYNYRT_QGERYXqV50LiZa_79el0GqM7AMa
access-control-allow-origin: *
date: Wed, 21 Jun 2023 19:44:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJbEH75sMFzmQRgUGWAEN4Y&google_cver=1&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcs...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUxMzUwNTAxNDI0MzU4NjE5MDc0Mg%3D%3D&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3N...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUxMzUwNTAxNDI0MzU4NjE5MDc0Mg%3D%3D&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTUxMzUwNTAxNDI0MzU4NjE5MDc0Mg%3D%3D&google_push=ATf1kGPvLrERaHEuXZtTvDR17wSB0JezKBOD4H67oxdI04d1UgXn--3Nt_8_0rNTcevsbflzfQl5hCMByjO_1KoCc-txSWpxhcst
date: Wed, 21 Jun 2023 19:44:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 651E
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEO3SdMGe7lW-xeFJ11eHuH0&google_cver=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS4119-ffHt6Xhc2O_Sfj-Amu7CI0KM20YNSl22MwpRgMNpZfsR7_Qgexwzkf88-cOfESd3pML
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS411...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS4119-ffHt6Xhc2O_Sfj-Amu7CI0KM20YNSl22MwpRgMNpZfsR7_Qgexwzkf88-cOfESd3pML&gdpr=&gdpr_consent=

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGNNR7jkbjURR3jG1KfIdzmS4119-ffHt6Xhc2O_Sfj-Amu7CI0KM20YNSl22MwpRgMNpZfsR7_Qgexwzkf88-cOfESd3pML&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 651E 0
362 B 81ms
22ms Image
text/plain 35.156.175.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEEqNPXvTdJLWEet3gxQ5hYs&google_cver=1&google_push=ATf1kGNm5fIPJhq1GkzgX6WjTbcsvcc3c2brU4Q9O67mjTHEB6GaoY3ZoAhswizryzWrMMZNRDgMjQU5o6mQpDG-SC4KO9fv_rVHQA
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.175.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-175-114.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 651E 0
12 B 37ms
36ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIoZLQaKpnRQqL0NCajyjOyrrk92sV8JfBK4v4jBmVc_tmrV-IFvL9DQV40CejPV4G1WjQlA

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/ Frame F08A 5 KB
2 KB 22ms
21ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0a178d32dec8463bfaf9de03961359d840aa5ac83259bb2071e2dc738bb80c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 425129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1783
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 21:39:29 GMT
expires: Sat, 15 Jun 2024 21:39:29 GMT
last-modified: Thu, 20 Apr 2023 13:50:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C687 0
0 132ms
68ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfMo7EO9jwMJis6RM8TSyv6WqzragR65BW7B_vdLRIgt4M95HEN__9-5-gdr1d-YcLkyDPJtzR5UcX7JwLd5Q0pLvCh5jWICcHWlA4I2lqJQqUsWM63551k0nJcNTtC7rUF5FhUBvDkW4vYYqX5HnlTYiG1CNLKVr2n16ZzXi5_bBl8EwY-dU7JDPitRcOBFZtuRdIQX5Msvut4sV0a3QUi5myaCTM0EKMNPmi2sUNGZclu13szvT1mqqsnscXow9eerF-MgbcR41uY2P1GmJU9g6pGlpwW9KMZ2dPagYfvBZaLklyvqcgdP7JlC8itXjFJJoyyWElbp07jbI-TZPOGPaT_mB4bvYqIeSjKqHfkEyiOHU9OAZB7hyuiHl42P1MKuGO5LZQFCTVzHWY-uqk0gWVcqRd47ev_mwZHwvG1y_L3DgKyx6NHVGyMjcJzNvYZXio1v1XM2OFaPXDqb2pzOteEAGCwEyXfiJkuQGg2lYh64Jmrmn2a8iwADWcj-HWCpnqQtzwHqEyR4jvQn2nno-Rxyz9GBWYClQEf_m6FQp1Qx_JtxMHZ38gdcSC7jNV-2c_c5rjbfRZ9DEsPw5ugAl9WSoP6afVUKkggw57lb4MMm6QpMI-3dbFkZ_Dn6Pwnnp5WFrVGvvAbnpcNbirChl734Nms_jSYGSjsvuA0lK7OtURPUJ7glu79k8rdbEWIBGuQiI2e1tzpZYKlwtki1ZIdhuAVHw_oWzt35iOvrzzFMJGgIvgSTKIMWFbih6EZdhP9_V9ZWz3AhJ7jL55kueEEC_aqbznpHojRqL-Hd71F0fXn1ox-5t6K-4ktBFiHywANQh9QkZZ--4x9hFZQqOwop9lQ4n-VAlNjzezDVD8j_ZfiJo41lW_r0VFRSYjnYIZpM24w0lzjJtWgJfXzeCkpNyfA8CrgBGtC0nXPDGoqWv4oOAsw1WnvDcwT8NaeWf_PH_g-PFRtSANUNoa8NEj8KqgDI1eKbLWSr3ac1_m4bR7YV5fUz1Wyew5hV6DsQZ_Z6mvGqV-YYm0_9zY0J3XMtR8rsjAKkbzAqQmGqddGRd2_MBub0rqtDPnKNL7EU8PQ6wNZu8tpD-A8zU63w1VY2RO3TKjM0-JX-QUmLYzNDsIpRlasuEnJzmtHVuCMM9_Z9t7rk2I74nOXCa0p1DGvSLER8cGcihwrHEJMa8HyTtKsNAbEkXG1dm-dASDBRk7HLbputs_7cmGy_HBRvvg3SbsNkJOgvvuSr0TZLAgJJjXncA0IFF1StFoR4eS3ccIVlsNVtrY5jXCSAWXrYTpMV1b3Sz-CIg8opyoU_EM2E05XRetPWgG9lLsvkIF6t31ofa341cyuh5ZP8ajaft0TDSyowI&sai=AMfl-YQ2HJwIMl_g_Y1lqprtpOOuNkj3osTiA6ayI3eHEpEpFzXKpVupBZqvm_Gc9vA5f5oYBo-jpnBbTteFkZpZOeJkivqTA9WjbeUh3rwr5mjRm_Xx9yeGI8JJsXv4FAejgc1jrIbZBt_sb_JvMzC4ziDWXz3kAF7fZ4BxwKQ3sNfEBbRgEyjWQq7MDLh_2B8wNQ1JuB93sy5KUA8RSFxRP557SCqabPThenkD8-1NGjW4zoARcgbCvnBefN3PWWZgc6K3&sig=Cg0ArKJSzChQkACjZRgvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=114&cisv=r20230620.94291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D3FC 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 05:42:40 GMT
expires: Thu, 20 Jun 2024 05:42:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 74EB 172 KB
60 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Origin: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:17:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 74EB 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A4tG-Na2YpBm6nK7F8G8ZayzkV_OOr01ytCAI-amFKq_TnA_iD3xnUs8M2rpO_TgPxrazBbxlOrFxXEpwcd9z5AaW2KUkA2xTF_vFLGjl5LCFvCGBtRMjFu8J8yl3P4CH2tnpU5UJPucdEOmqNH31aTRtBep17T4J1qNfsNdoNkAdar-Y&dbm_d=AKAmf-AM3e9HCLTIfS7EUCQ3Ghe6QGKxsAS7rHYbcbf7J_PwuX_JsbPFHtH5GA9HAlo7h5CGVG8JW-aVDrUmj_UOWtG7T9hb_FaVXxBuExwkaLZjwJmtPIpZCItBNLi6EXjKxScH7XUXhv50DRte3sbT-zcCNkDZ3VAJsis0XWtQfOJeezNxigq0skg4VziBFCTJGyXyJqe2a_EveFHom2F52lBD3EAnH5nR8Kz72M7wEAtQHtxSUcEZHrOj58jSOPAxqm-keqKfcS3VVNxHaORIC6Shg3HavZdAJw4LD7OY0J5TRnXIf_xoGfuMTUiOBrd7HtYctj9Nbu0QFa2goT_3ZB5hl_4S8TMjoSVKZPmROan2Vl70DNfRhHXWADbzNaB4WCQjjXvVhOr1eTO7XELx_V8AvRqiiE9O1U-2T1NVkuKoPETbsg4Uebr2wgz-iEpBlEcucfJijRsHJ5khWGp5uuftDe7UlqmgPO4OLFJPGQaV_M5K0Vp8RUkAfMYJNVNQ7OCD6xY8a6lcs6CzFi0Z77XlG68CWwSPulb-f1IDwoNv7Dg8kYdJUThrkvlUkJzMiIzY8Z2mftMpUXOZuY4_sPCzH9eAThPN4YUNrh5jSEqVKjOCu9ss5gxF9FpZ5q4bGaHYs-xQipMX3AtrZTO-T5WqaCQCvxvsuIHJiX5DlFLw3p1Bpzu1kTxNKeximuDeI753TfIBvBspNQsOJHtCN5Vmh04VG9bTHwE7mchReZ2kO24GKaSLg4tA-eYan651-jGg9UBgl3xiq-r1uyz5WAEF3_StkynjsrB2yALBetFsRko5FCOfaEAfUu5vU8N0dbI1mwAfYDjQVONjRnSkZtoyfmFgnKm5ayQmpchxqKzJTAM5nFu9NMKrT-wN7qywiI6pNeyxovxguBf8kcJ0TPWrGPjBhVNMKhavBbr6xGQ66tbvou_0JnzJiHO84f7b-LXYNYWsAd6lNDLed1dQLJyrB2VXedfpIYMtCtTQ0yah8IcvD7_eQR2J6oS5-aSdMkn9cW7XqtxIRD6hDddRj64QmoWHqDZG3uMROmCqcKIEL7Y1NgwYlVb8dvU1DZjs7jxcjXweXJMmmOg-UDdWlBnaoltOZe-YeD63AWgZJvWNVOTY1MGHp5mwKf-BYCRgC6l0GoSBdufm_lx7rxQe7hZuKDcbKA1sG23Ruaujz7n8NHZUlluHGozXDR24uL1QtCVk9pbQzhaOJ0Z72gUrA08nYt4jDPjgb-1jP9Ua_6fKNR7e1Bv3ttw6w8b9Qm2_cCWjWBr4Bp9v-Of3qaxxs3_aUUn0a4VazJnKQfjIyeZerIJtdS2z2RqUMsf_YWQMOkbq2ESylOhP3vdfrUv1OtkTKR2PioX_hVKhijJ27eKFKIiOwlt_houyy0enCo9UzXrszOoQt5lAXdUiwQAd-MSCivGlPG0pn4E8B9hSn9RzAkbvfYhU0O9pWVKWa1kcynMmI_3eyAwVW1bc06sL421vKsHdA91md6ILs6itmZF252vXC5r4IjBeJARkSkeVcQBSHhIZZCWo_Tjm9SD4BNmiYB6stmMRusKc7gMGMB4L5MItFc16qdmwLNXNDllNawAm8YhGkQCRr9HmzV-240ljZP1OYTqOq4hZc3ToRCiUogBJKu3AnWtJfIv5P9wZfedGROS36VTumJ6CcM1bUQIU5j6-HGJYskv_oSFLgKYfHnHeJBcA7fAxLdL2mturmnsCtNGgS1oH2AnhhpTD2TCCe61GTb8VBG1mbibuVRJGQ7WtDFNnyO97vbbGDiEcG0i58bEsF9QUMGOFEvGEnKE8epYXS82fgRGcydF3PuNatlB6bT3Y7M_VLbYUc91Nqg2K1tcC88yA87jL-FXnz67yiezww2Ir-uLSoXzEFKhJJFh0qZNiFaz0xEEzgddcIfRvqh3yypC8mc4ybYf9DLfdRprqeSFe1T0DxE8NlzmDdKLG1PeiMqU9t1gWhma9FzFGc9YXIkVGT2XJ9SVp5hwtaKj86v-gESP4_LG7BbvAN78wwd34MVZi3gvncvXU-edbwQL4icCInliV0_XsToVV8CtArHjYJhz9Ks1AxzOE56wYvRufouA3gw1foEMuz3m89koDEi-Gw29oXs-XzD9vvH0a8LMX4U8sVIxw1CDTrfJLe_s2CxO5aLJ9dSQkomIK8o2-yJkeeNbnnS6S0Yxse8gpLsHfnBoR6Akjpsh_qgnvxOpEsV_isZGzAEblYAevBFQLiniSzbHICDvY0A8m7KhFD35gwqlqsr3CIOY3ENfyVNkiLMF13vDpBruPUlypFA5c6Y9zbV5wMLlf7lICuRx9bl1rZu90nA5ZfhYK_My03lOHo6wdRca94e6lyxA8GLlf4EGYrKHo90Gfi0jSqMjE91kvZe_uHo2E6G7ZDKIFFNT7aSVqTI09x2otB07AlNfufMnn85Ndfk7Li8D3esLOtbGYHOY2tjUjKT915WXGsODb9vDCXozdwhxOei6TVOIeSQXt2J7MK8C4TDMqBWdN5JetVIkUSccIbvrshr6hHWp2ScqlTfYLPVQpwG81qE4n4T1g2pgAaFUMJJmdsvAJP9f0xi6oyTRiCKxadeppK3VnxEVblpnSEV3i-j31fVDPYdkw6xA041FtyMmsb4zcDqqmzWcLxyNLUfHdiKjufSRuWKCd6kMFhvkOk3AuHeR8EFQyegDilFBYigkhKXpiwkw-E7Jq_BmbUQp648bU0IFv0y-Y9eVG_5i-VrP1aw8sJvVSNjO1mI0x2lwrsXSc9bjPN47M_kmhcqaeEFTL7O3sDjCMkOYW9DEIQPfNaeFxnm3j6bTi43cPDJ9r8uzHZdrFLSCN4oPCp39wsraPxpyHcygsk02tZ13DRdDgydXgn4s5vliYqPj2vP9Grd0GwpljPMfSXFMipVRRoXS0vktFclMOqmvVuNxluPOuO6CMU1RxDwU5suqEi7AnyDB8879ba0Siq6bFZYxlMgCoxxe3OfUS0Nez8E08rjvcy4oCOhaxrILAYcebdvJT-lgA6EC7CKqs7_rTeNL6hH3tiMgF7SQiWoNFhZ-T6iZ-C3qyFsgHU4LXt_nRYxj5JsCSyhyzEXr7CE8n9AV2ApSl14WwHARq_opLvCyz3m3vfZ_5JqSRBFmoI0RqEpS8g-CPJ0ecmU-qO5rcZsjUGZ495qU0H42rmfZtb_p_EC7Dr_eXIB1cFku9X1FZ6NWj7J5QeDXo2faMT-uXsJB4T6XukeuhQuW-TUu0ejxzcC00x7yPp7aS9u_20vZsCTLitvYfGqdA503UZWJ-lyEEHrjjzWDAreNdACpDPl7VUHqlxHm9dcErT1BVTx3oAbOE9Z8sTLBrHp_SXhnsQE4oG3aQAv8cslf70GIZSz2EnMSNDDH8XelJHJM0ULbA-FkBlUQAQv44F8z33LcSaKnzr3T6T6RiynULtFfCJYak2xO9CP7MU8NojI7YtDXn46SZXWy9Wy552UdvetdOSgEZ1qYRLvuItZS_AJwrNCdLWXuoEJiqXjNagM6tNUz89M0RoUqMuSrP2VvbwFPDvBdbrWA7NkMoOymwTNNCL6_ME--ljQ0_-FJ5AGmD_VSLfd8lrt5QYLjs8H7P2lN70Ct_5ZQePv-TbF9wfxggBI_97iepGi-Mux7xHmUqAINnvmrB9xE7e624tSxDYMGdjofICRyIYs8WuEWku3rGKTPSGXEmBFaXa8u4gd7lhSbUFZje2M01sg&cid=CAQSPABygQiDOJGQf5GGzGUZj-KRHMPyvpWWURnkzgXadqnDJuETuT4-1wsplRwQoIzRD8MmDU2q-qOHlaEy2RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=12523580099974610000&adk=3047537735&idt=86&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 74EB 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 74EB 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541548
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

GET
H2 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/ Frame F08A 256 KB
54 KB 84ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4db144321efbe62d33923077d356ee2fdc097848ebba3f1e1396027122b2d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 415820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54976
last-modified: Sun, 17 Jan 2021 03:02:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6003a8bd-3ffb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXAvb0yrhd51FXmPQ3igDMpc8DjTX3OxrFPCRuuHcIwVQbW%2B6Zq8cVn29H%2B%2FyfejiQMjL59b1CaRRmERp3UsIqB8pekN3RW2p2cn0ZgQkaD6o3Yr9yzN5dj84%2FG0cu0mxlK%2BPPaZLkZ242WoumDPf5jP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daebfd0cdbf9249-FRA
expires: Mon, 10 Jun 2024 19:44:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 858D 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 74EB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 194389ab9980a87559925b668961beb1f6fd1328ffb6e44746562a6bac7ee91d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DF2F 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 05:42:40 GMT
expires: Thu, 20 Jun 2024 05:42:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 858D 35 B
465 B 82ms
22ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBvSF8aF8yEmfGNqYFHJYpI&google_cver=1&google_push=ATf1kGP5f720zE97lL5Liwe1VMZVFeYmG40NvDRZ0htL4DgfDgrQV9hQxCOHIYSSJaL_TBhZTtskBMQIUEGGD1Ap0Roe_n2vxQGM5Q

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 858D 70 B
264 B 47ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEG9VKnK9l2Vh6gPZ8fGeisk&google_cver=1&google_push=ATf1kGMMr8_MuuK9BO7I5h8R99BoysrQjYovgLyecy36jaoqAVdDmolEJR2-HmB89hp2952k7nHAlZtPxkRsPOm2mW08q6S5lprwBg
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMZvvnVAhhIFeCHasokMHUM&google_cver=1&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJXh0y_iSSPy8qGg

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJXh0y_iSSPy8qGg

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 19:44:59 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGMGjt_uv4pz0CphaJ3lAnWIBHvyYSfcDaSn1kerF41RhQetaVvmwIJmLr7dkYe_dmo9J6GftOw9B8_EurAJXh0y_iSSPy8qGg
x-host: tde-deliveryengine-production-6885dfccb4-n95kf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858D
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEIh2f99rAHjgUyoygY3JUbE&google_cver=1&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw&google_hm=ZzZhMWVmNjQxNGZjYj...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw&google_hm=ZzZhMWVmNjQxNGZjYjc5N2QxOTQ=

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGMlDD1EhGzkW3L3GZth1Co54TMu0t0znEd6HTC40jTgkQZyqic0WZIuMda9KYnQT1s_K4GTSy9Sv1NGfli5_d1YGf4tmnLeJw&google_hm=ZzZhMWVmNjQxNGZjYjc5N2QxOTQ=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858D
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEHiBWBlHRBXA5n4sSJNTzLE&google_cver=1&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQ...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk&google_hm=WkpOVE84Q28...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk&google_hm=WkpOVE84Q281c0VBQUgyNHJqc0FBQUFB

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Wed, 21 Jun 2023 19:44:59 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEHiBWBlHRBXA5n4sSJNTzLE&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk&proto=google_ebda","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZJNTO8Co5sEAAH24rjsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40124"}
X-SO-Key: ZJNTO8Co5sEAAH24rjsAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40124
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ATf1kGPv6bVs3uPtVs32tAhMA0FJpPzhT9TQk4oaB1VIpglt3x0broan5RlxjD5HNP7-54e3YuReQq4T6BMb5ENPioYfBoSCTZhk&google_hm=WkpOVE84Q281c0VBQUgyNHJqc0FBQUFB
Cache-Control: private
X-SO-HostName: a-ad40124.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-IP: 84.19.175.165

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 858D 0
44 B 836ms
275ms Image
text/plain 52.196.178.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEMcDmrxhOs4VWxPEgECYBUk&google_cver=1&google_push=ATf1kGO9pWmv_Z69hPOeN_nQgXoBFLsK4WHSHSNiqANCZAV4p2VJRFncW7AmGAMQdgEPdh18rJeqRHs8gVx0y63LVg11xlq5z2cpJQ
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.178.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-178-144.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBz31Qr7jREC5BAceJQmP5Q&google_cver=1&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDA...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBz31Qr7jREC5BAceJQmP5Q&google_cver=1&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDA...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IRGFILkg5RTJ1RzI3QWhGZmJEYlhMV0pZbzk1dWtna35B&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQ...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IRGFILkg5RTJ1RzI3QWhGZmJEYlhMV0pZbzk1dWtna35B&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDAFATyMv1oepeXHRahBPzUQ-7wezeYE

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IRGFILkg5RTJ1RzI3QWhGZmJEYlhMV0pZbzk1dWtna35B&google_push=ATf1kGOyOaRs6ws0mgejzePcJBLgNodjIO7yT39bTyfbQ6SCP7lc1wwcQHOrh34-i_WO1LQrDAFATyMv1oepeXHRahBPzUQ-7wezeYE
date: Wed, 21 Jun 2023 19:44:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 858D 0
12 B 30ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvJTm1VLcdEXCpKaosnSzp5JtsYqFhvY1PVyjt98J8QEvOxAg-e4fg_ZHdg3EMk8_Oo9LK5Q

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4323423352959208367/ Frame 86DF 15 KB
2 KB 57ms
57ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0486d620f8c483ed0fa8b56edfef5799ede455138606b4392604174847199be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2272
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:59 GMT
expires: Thu, 20 Jun 2024 19:44:59 GMT
last-modified: Thu, 16 Feb 2023 15:59:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 74EB 0
0 70ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKa-OHi_4urmpYc0vvx79168Fhhy1Sl4rRlObUOHRf4BumpVu2HOfFVZik_PZY5fofHnIsxy78VecDv36R-PqQf_ljC72-nYQcU5wx9aN2mkdOTdBaEwYmUvNaokA39aSr0EWQ85rKW7BJwaNCwk7UkqOqZnWp57Sv-vt_MG7uK-SxLIjhbEsCaeq8AGJbr2VRkHhcIRzyTAU2d7LLkBmjqpyEvOJQ40UH7AqJfRVjb8nvQerBUIIpNhgWK7CcJXsu1lE_WWX5A4WwFOwlqQJbxVTnjTZHOWJzCAsaP2u0NY0uZvI2yh0Mid8eQGNraSb40012kGz_K_pZEQdA2I7YgZRY3LZeFKiK83wLdDg292hXdUOB_jPP6cki0CzJWUQlKXZN9KdzySGuHH-xB_aqWcftsOwXlKwIXcq-imPmgbil4kXj3dKDBs2nq7fM-qk-SrjPksekl_maQrWTczixlq8gUNginRjJYUGZv94LsWuxrFbEsRs7eUP7nRPqmudtasHOsWsohVyRgGWLCU5YpX5qG-kgQqYlF0M6X9akTn423LOeTBcl56g_gDE7NXHXV4uT7t9sUTLf7gBvmXZn8N6t_sXHQ2VJqVYbdF1vrkJu5WbES04ri6odeieIBItLF-TZrlGH1yeS11jAxWo4-WDdf_zIg2vgcpqVcl9AE3Lo7v8Wxup6oA5gjgwjYfSsn2pWI5qOdrubLKiK9KNtEZ907hE3snRgpJpCheOHlWb9r-RGTvA2pVq0L6jnnbOapyX3G6QWMIbQp9qNF8rmbMKdoCM4A35NNXXXglNdwpMs4T_yNpaNe7tvxQEDhJbP3bo0HaPE0d7qC3zgMdgQcu6Lf6pzuQ1PbBCTx_mjmDLVsA4xTp481ek0u2H8e4MJy2GN9lVRKPAnte1PQWV2Vz2p-C4L8oPBfawf_XJDG3RwSsTHK7tzqdLDGxoGN8ElyZXT25fz8I5l-3Fs2E_NC41CWE4LP2qn1gsw4YNNTUtyL3Foc19L21mbmFUguCcQZmtUwOTlf2kp0PKR2M8shPoU8zUPwZ1k5e9IbLsqLA9LAeplGJ3ewJD_3KTFGTaBFexjgFl0n_9tiu8L0UU1bBgTZR2HFojUQTOqiMQT0R1CaAtlXBY-G4h1ZFvOQFx4iwoxPdIl9sLz_Boq7Aex9zf8FxVChh55aB7o2Km4xnaVxZkjAkmHdWp0Uk3pVwrreVh9oHWNquPoUlMF6puGHmUSCOCeV7EDZX088j17aOEs3uCqcLaduQFb7II49Zzhd4WNdk8vsbDfgZR4jx7s2k1RMXvf7RLK3OVK5x53TyXJxCpCqSeIyalKYd-Ee78fNE7vHQBvtFLT86YbbHA&sai=AMfl-YQagvT-Ze43TCC6ULB1QoIFWdvFWhRZoETYZZ6YxvLcVl2YskwEvWKGu0kIeiKDtfmmhHzP-7cpnevtwiJg8HqCeALX3yholja_9R2O6ACChlC8NvFezdOP8d57MO7PH1W97rS9vfIshNd8qG__o878te03IonBAuGCzC8YSdT80Vl6IDCpz3w66XWkpTCXEzvuzMjxFPZn8OgkeiNuKmuRne5vQpB23erqk5RcRmGsXVbJTrBRg6N9T5hisDXU6XEbAUk&sig=Cg0ArKJSzGVc7tiYaMAgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=82&cisv=r20230620.65945&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame D3FC 38 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 20:36:26 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame C687
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20006179863&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_OlOTZLn5K9aSjuwPzMiA0Ao&cbFunctionName=goog_wrapCb_OlOTZLn5K9aSjuwPzMiA0Ao&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

29ms
29ms

Script
application/javascript

2600:9000:2246:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_OlOTZLn5K9aSjuwPzMiA0Ao&cbFunctionName=goog_wrapCb_OlOTZLn5K9aSjuwPzMiA0Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:21:32 GMT
x-amz-version-id: xvNeRkb9jAQ4zOn1ufjhgngoRBnUwCN1
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 95008
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 20 Jun 2023 17:21:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: WHOYGctUsqshgIyi0H5dEbQ96kZl14IvA5TW8jecnakj52QlGk-pwA==

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_OlOTZLn5K9aSjuwPzMiA0Ao&cbFunctionName=goog_wrapCb_OlOTZLn5K9aSjuwPzMiA0Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CED5 91 KB
23 KB 108ms
32ms Script
application/javascript 2600:9000:2246:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23602123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: o9ys13ZLI6SVdQ9Kn3L78E3FW7RC7poeL2QCYQEz2v2tabn9Qvf-xw==

GET
H3 200 CbV_MY24_XC60_DE_Banner_970x250.json Show response
s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/ Frame F08A 771 KB
377 KB 23ms
23ms XHR
application/json 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/CbV_MY24_XC60_DE_Banner_970x250.json

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22792901a9b9e8a8ef1fe684b995d8c7f7719d5d5455601b3d7fc16e5fd50152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17769072611184182207/CbV_MY24_XC60_DE_Banner_970x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 13:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 13:50:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jun 2024 13:28:32 GMT

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame DF2F 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 20:36:26 GMT

GET
H3 200 1676550659977.css
s0.2mdn.net/sadbundle/4323423352959208367/ Frame 86DF 9 KB
2 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac546194565bbef33495adfd3072005ecb03e2563f484d0228435a8c4ac42f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 21:31:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80011
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:59:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 21:31:28 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 86DF 118 KB
40 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 10:36:21 GMT

GET
H3 200 1676550659977.js Show response
s0.2mdn.net/sadbundle/4323423352959208367/ Frame 86DF 20 KB
5 KB 33ms
32ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 19:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5491
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:59:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 19:38:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 539ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcuX,pingTime:-3,time:83,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174,idMap:16*,rmeas:1,rend:0,renddet:na,siq:26%7D&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
216 B 536ms
173ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcuZ,pingTime:-6,time:85,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174,idMap:16*,rmeas:1,rend:0,renddet:na,siq:26%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ECD1 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C687 0
0 60ms
59ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfMo7EO9jwMJis6RM8TSyv6WqzragR65BW7B_vdLRIgt4M95HEN__9-5-gdr1d-YcLkyDPJtzR5UcX7JwLd5Q0pLvCh5jWICcHWlA4I2lqJQqUsWM63551k0nJcNTtC7rUF5FhUBvDkW4vYYqX5HnlTYiG1CNLKVr2n16ZzXi5_bBl8EwY-dU7JDPitRcOBFZtuRdIQX5Msvut4sV0a3QUi5myaCTM0EKMNPmi2sUNGZclu13szvT1mqqsnscXow9eerF-MgbcR41uY2P1GmJU9g6pGlpwW9KMZ2dPagYfvBZaLklyvqcgdP7JlC8itXjFJJoyyWElbp07jbI-TZPOGPaT_mB4bvYqIeSjKqHfkEyiOHU9OAZB7hyuiHl42P1MKuGO5LZQFCTVzHWY-uqk0gWVcqRd47ev_mwZHwvG1y_L3DgKyx6NHVGyMjcJzNvYZXio1v1XM2OFaPXDqb2pzOteEAGCwEyXfiJkuQGg2lYh64Jmrmn2a8iwADWcj-HWCpnqQtzwHqEyR4jvQn2nno-Rxyz9GBWYClQEf_m6FQp1Qx_JtxMHZ38gdcSC7jNV-2c_c5rjbfRZ9DEsPw5ugAl9WSoP6afVUKkggw57lb4MMm6QpMI-3dbFkZ_Dn6Pwnnp5WFrVGvvAbnpcNbirChl734Nms_jSYGSjsvuA0lK7OtURPUJ7glu79k8rdbEWIBGuQiI2e1tzpZYKlwtki1ZIdhuAVHw_oWzt35iOvrzzFMJGgIvgSTKIMWFbih6EZdhP9_V9ZWz3AhJ7jL55kueEEC_aqbznpHojRqL-Hd71F0fXn1ox-5t6K-4ktBFiHywANQh9QkZZ--4x9hFZQqOwop9lQ4n-VAlNjzezDVD8j_ZfiJo41lW_r0VFRSYjnYIZpM24w0lzjJtWgJfXzeCkpNyfA8CrgBGtC0nXPDGoqWv4oOAsw1WnvDcwT8NaeWf_PH_g-PFRtSANUNoa8NEj8KqgDI1eKbLWSr3ac1_m4bR7YV5fUz1Wyew5hV6DsQZ_Z6mvGqV-YYm0_9zY0J3XMtR8rsjAKkbzAqQmGqddGRd2_MBub0rqtDPnKNL7EU8PQ6wNZu8tpD-A8zU63w1VY2RO3TKjM0-JX-QUmLYzNDsIpRlasuEnJzmtHVuCMM9_Z9t7rk2I74nOXCa0p1DGvSLER8cGcihwrHEJMa8HyTtKsNAbEkXG1dm-dASDBRk7HLbputs_7cmGy_HBRvvg3SbsNkJOgvvuSr0TZLAgJJjXncA0IFF1StFoR4eS3ccIVlsNVtrY5jXCSAWXrYTpMV1b3Sz-CIg8opyoU_EM2E05XRetPWgG9lLsvkIF6t31ofa341cyuh5ZP8ajaft0TDSyowI&sai=AMfl-YQ2HJwIMl_g_Y1lqprtpOOuNkj3osTiA6ayI3eHEpEpFzXKpVupBZqvm_Gc9vA5f5oYBo-jpnBbTteFkZpZOeJkivqTA9WjbeUh3rwr5mjRm_Xx9yeGI8JJsXv4FAejgc1jrIbZBt_sb_JvMzC4ziDWXz3kAF7fZ4BxwKQ3sNfEBbRgEyjWQq7MDLh_2B8wNQ1JuB93sy5KUA8RSFxRP557SCqabPThenkD8-1NGjW4zoARcgbCvnBefN3PWWZgc6K3&sig=Cg0ArKJSzChQkACjZRgvEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=415&vt=11&dtpt=297&dett=3&cstd=114&cisv=r20230620.94291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 474ms
175ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcw2,pingTime:-2,time:150,type:a,im:%7Bsf:0,pci:%7Btdr:114%7D,pom:1,prf:%7BbeA:582,beZ:583,mfA:586,cmA:587,inA:588,inZ:593,prA:593,prZ:600,si:607,poA:608,poZ:646,cmZ:646,mfZ:646,loA:667,loZ:669,ltA:731,ltZ:731%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B142~0%5D,as:%5B142~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sinceFw:122,readyFired:true%7D&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame F08A 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3c008ffe1d6ee338cd653dab842f7a2eced53f412799eda51d53193df6ec5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45c7ca4b080d7ef5d3eb12b977e8d4d147831105e002ca62d973d3293e6f23a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd858db7dc517b76bdf1068076f0ff5694a8d2138d1bdebe2b37fb8a5c8ae689

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69dffaf33995a49770399ed1d4cb6188e76666a82b77259598c5855061c0a39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c008f1ad405904149f18ba88f2cd7c41f6ec05957f6beee4205ad6430c4aa0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfbabf04d783b723e9c15105bdfff839a1797ad79832379301852bfe9057416a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 722206ff955bd15a9788711f8b98d32efc29167ad64807e4f8f2c8725912e673

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd7a3a8e656c26cb9c13f54bcf073acb42166a7bc7870ef042c67c23ddf72162

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4116f43d89c55b91dcf8a230bfa9b79f6e822c81fcea3b5dfee56ebcfd479525

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2a29dd07eaba315bb36e1e3ba38f8a025f455222688f0630b375dd4ac2f3ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f708984e243cb3b26317aafd035c76be771dfb9fbca75e4d1787d1d4700e5b52

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dc695f2d98754cba6e3585ed02598993e0a0fa8060b6e06d5da7ca8331b9e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0c702669500e911ce14a464e4f6740a100d42fab12b675e71381dfc61edcf82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09c132ed9eade3d031fb0306442b70e5bc7440ef20e71e8b638b176273d428b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff806bf9383a6b55d4d2efdf2718471a0ce75ed413b0339f161058aa0127107

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22e58cc6dae9376b2dec5d6dea166b20eeced01f132d101e2a463fae69fb93e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e1cdfe90eff2980c4c74029ef8ffc0e12f52fb5ef8843e4d2d517977743175c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb20f9a12a04a834c1c1d0c4a6c41b7662b3e3972c4400c477ed82769d1ec8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dca347b9becce7012dee39dca357900eed261d9670f7d91043291d08bd6acbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2b5209de1b6f1d7e95372f59a083f530ca527934163f1689b1a2c014d6dafbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9df394ae90718afffcf854c7fc7be539e61ef94596fa266ccdaec2309e80e734

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ccea38999d65eabca4c084529ad89a02dc4322a2fe87f90e34e8c1e27dea9de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371718a40620baf5e3c74e66c70aabb76d891fa9da3e4a03a4ad28c02c2c132a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 9 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b145e2dca1c528fb118c91345db4cc7e6e9b421f42ae38d3cf8595d896c29f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f46dc68f822878f6f594f75a64304ca194242e311d56e743e2506c7f74777786

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1779a5a5881e352daf3f2ad8a9f24f26fb53e72e20b811ff39283daef8cecc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4dfaea55f9b110b7bf686a2b030074245b3ff95ed45c7d630015750cdeb1542

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 591f162074260ac6023b651ca366de95961e8a97d9664067f2d19a721ddfe51d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc0dabcc303935533038303de02f22154c590167ce6157e3da98a89e92f71991

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79e880eb70bb163567b9337fdbe00d60ec72ab461410680793fb5a93060e02f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b0c74e0def891648274b54d1778112df5644ba7d2796b0055a4982674b048d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 309ffc4a5d2e0324c7bceb15d0d55b338aed83baf200d44c57ac905e308537c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df246227bbbca5b52c349ce280e7a5ec45ca7b2347c9208b8152790acaf282c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4faf3142cdda813fd09ea4661c647d35fa50f50672d30d010200a146514ea38c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82175d09bb477c22ce052e59953a7451812852ce17ffe9fe04c4605ddba404bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6957fa04d9ff15045ccdf619c466e62df75f2d3199ce90989d8f1ac7a080402

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afc4fb5b9852031b885ceddc39b4c480a1c0387ccbdda6f37e88d0ba549b12b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73464bb51ab65eb6ba5ccba68ba6d1fdff481a2cf60fef317ab842dff82dbe42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 304dd4d493daf5e649e45262aaef6f79a6c8d7b4ae92e0a667dff1d01f62aef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c3621151837daa3bce1627ea17e5ef1140b0818e4e4a368e7b1bd6acba3d861

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3651aa6ca2a5b2c28ed8786d1bd68b22b013628b5f75d0e7972b3a205de8515

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05652fc485a0a46787ecd0c95c540804bc373c9a1c991be7c5faee3bbf364602

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e70a6f1fa850e8189757f6719d62519e7b48226089bb46925bbd0f2074cf13d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da22de2c7e022940533116aa1297bbfd3d41016ef5865ef58a5a660d536cfb4e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d9371afc6689b1d8e6225b84c947c0501271e77cbd745b6f41de2a9f972e0fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame F08A 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99d004c037ff778a9c38146dddcc8a7669a0a5c433616614eea3333889a7349a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 css2
fonts.googleapis.com/ Frame ECD1 4 KB
744 B 117ms
37ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:40:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame CDC3 8 KB
4 KB 104ms
41ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 22:34:03 GMT

GET
H2 200 fb68e6b4c4cd4921e7448129c8daa4c3.js Show response
www.gstatic.com/mysidia/ Frame CDC3 154 KB
57 KB 112ms
49ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb68e6b4c4cd4921e7448129c8daa4c3.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbfb1ffbe141afce3b582141149a90f5b74178e71ed93832ee4038716220573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57880
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CDC3 7 KB
1 KB 77ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:42:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CDC3 2 KB
892 B 35ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame CDC3 22 KB
9 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CDC3 3 KB
1 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame CDC3 19 KB
8 KB 37ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CDC3 0
0 43ms
37ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZOwwjHWt9MNWT_K0sCJYyqJTT2a3M8ChYr_JU9ipyuTqvRfwHgRNsw7yWXVSq6jIWZSnrQWoa19CAfcCjZ42dzhhUlw
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDC3 178 KB
56 KB 45ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame CDC3 33 KB
14 KB 102ms
42ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame ECD1 23 KB
9 KB 37ms
31ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:23:02 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ECD1 205 B
519 B 107ms
48ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:54:41 GMT
x-content-type-options: nosniff
age: 31818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Jun 2024 10:54:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ECD1 604 B
718 B 108ms
49ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:30:44 GMT
x-content-type-options: nosniff
age: 94455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jun 2024 17:30:44 GMT

GET
H3 200 container.html Show response
186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 18B1 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:57 GMT
expires: Thu, 20 Jun 2024 19:44:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/4323423352959208367/ Frame 86DF 3 KB
1 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4323423352959208367/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 15:59:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 14:00:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306140101&jk=748411841322753&bg=!iIuli9_NAAaGYqkwpmI7ADkAdvg8Wro1jIiuLmQ4nAJFkyNe3gJ4BTw-6aT11Nzk1wgSvdeVeJsnZHrWbWURDp8jEsPoV3puePgCAAAAuFIAAAAFaAEHmQLKzo8Zsxn23whCyPXRCtLajY2hnk0uMf4hVTRMCBNDVT1biV1Xq7IF9MxRWzEAOTMDOlXMm2Zd-Z7poM1oyJecJy8nPHCSPY7LKldzVWVyt4Ah4BgEeX5-L94FechNWEIh9I_wSklfAnCLz-DJ__1QmdhvLM_zAvhPwmhQBc6JVspVkSLK5RQVTVQHcNKsHwCqa35ATvsJlKogeNV7Hdiz-XAZBNUEFdGBFFHNJOmtRGsh8FScQXUOyeu2Gm-VobJxy96QgAbToAvGEA_FBaQ_MHYLZUeJmC3wc16EJfh51afwLIbplPC63BZTDZE6DZ8IvtlK5e1SCHQuwccWt2imrEyULyPJGB528PkqZbsQpttIIopQBNaCyL56-a6cQCirQGfLabe_TJsRLuQa1rRvgmXH5ZPvxVpCcWaztdNP5-4lTmEKo4Ct07Yqob2ULfJk1kZBocss9pbiyIq4d389pT2vSXEUhbOTkVTmnMUQhIL6Q6WTQy4ScJOCXOFIXNY2IFnCxcpR6ivwJLvZsC2sFybCuVe4Gf__HfunbMh9lkyxcE439eEim71zPuH9j-I0M4OqdwA27Ja1e47saWBQmKiwxHGtN8PflYiPU4qMXb1YtKEI1sLdDk8WeFNidZ5cUeTx3SKYaqQ93qRpisKXETrYNWv2Lt9nc1CXTz1RZsJNHB7eY7vAvFdVpu5Cai7Cir9Y5MuE87AirIjQNlrSNZHKrXdzq_KKY2vupNhoOXeTYn4fSl0NHKtBAfZatl-b9CRSdH3gcRUb9ww-3zT07ZfOhIxlCXJVhAtwM_8wXwJNxLbkFK89kKKKE_2QhIKglc8mDiJgDnYOm1lCog6n3juPQx_YIgmllVmugeLIgXXY1E1MFOvIPfar4WXcKpI1Iqt02NN-mE838VD03wgYYsMRK5FHP1FmSZjjXOKjAi3WOHhqZkC7y-J5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 74EB 0
0 60ms
59ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKa-OHi_4urmpYc0vvx79168Fhhy1Sl4rRlObUOHRf4BumpVu2HOfFVZik_PZY5fofHnIsxy78VecDv36R-PqQf_ljC72-nYQcU5wx9aN2mkdOTdBaEwYmUvNaokA39aSr0EWQ85rKW7BJwaNCwk7UkqOqZnWp57Sv-vt_MG7uK-SxLIjhbEsCaeq8AGJbr2VRkHhcIRzyTAU2d7LLkBmjqpyEvOJQ40UH7AqJfRVjb8nvQerBUIIpNhgWK7CcJXsu1lE_WWX5A4WwFOwlqQJbxVTnjTZHOWJzCAsaP2u0NY0uZvI2yh0Mid8eQGNraSb40012kGz_K_pZEQdA2I7YgZRY3LZeFKiK83wLdDg292hXdUOB_jPP6cki0CzJWUQlKXZN9KdzySGuHH-xB_aqWcftsOwXlKwIXcq-imPmgbil4kXj3dKDBs2nq7fM-qk-SrjPksekl_maQrWTczixlq8gUNginRjJYUGZv94LsWuxrFbEsRs7eUP7nRPqmudtasHOsWsohVyRgGWLCU5YpX5qG-kgQqYlF0M6X9akTn423LOeTBcl56g_gDE7NXHXV4uT7t9sUTLf7gBvmXZn8N6t_sXHQ2VJqVYbdF1vrkJu5WbES04ri6odeieIBItLF-TZrlGH1yeS11jAxWo4-WDdf_zIg2vgcpqVcl9AE3Lo7v8Wxup6oA5gjgwjYfSsn2pWI5qOdrubLKiK9KNtEZ907hE3snRgpJpCheOHlWb9r-RGTvA2pVq0L6jnnbOapyX3G6QWMIbQp9qNF8rmbMKdoCM4A35NNXXXglNdwpMs4T_yNpaNe7tvxQEDhJbP3bo0HaPE0d7qC3zgMdgQcu6Lf6pzuQ1PbBCTx_mjmDLVsA4xTp481ek0u2H8e4MJy2GN9lVRKPAnte1PQWV2Vz2p-C4L8oPBfawf_XJDG3RwSsTHK7tzqdLDGxoGN8ElyZXT25fz8I5l-3Fs2E_NC41CWE4LP2qn1gsw4YNNTUtyL3Foc19L21mbmFUguCcQZmtUwOTlf2kp0PKR2M8shPoU8zUPwZ1k5e9IbLsqLA9LAeplGJ3ewJD_3KTFGTaBFexjgFl0n_9tiu8L0UU1bBgTZR2HFojUQTOqiMQT0R1CaAtlXBY-G4h1ZFvOQFx4iwoxPdIl9sLz_Boq7Aex9zf8FxVChh55aB7o2Km4xnaVxZkjAkmHdWp0Uk3pVwrreVh9oHWNquPoUlMF6puGHmUSCOCeV7EDZX088j17aOEs3uCqcLaduQFb7II49Zzhd4WNdk8vsbDfgZR4jx7s2k1RMXvf7RLK3OVK5x53TyXJxCpCqSeIyalKYd-Ee78fNE7vHQBvtFLT86YbbHA&sai=AMfl-YQagvT-Ze43TCC6ULB1QoIFWdvFWhRZoETYZZ6YxvLcVl2YskwEvWKGu0kIeiKDtfmmhHzP-7cpnevtwiJg8HqCeALX3yholja_9R2O6ACChlC8NvFezdOP8d57MO7PH1W97rS9vfIshNd8qG__o878te03IonBAuGCzC8YSdT80Vl6IDCpz3w66XWkpTCXEzvuzMjxFPZn8OgkeiNuKmuRne5vQpB23erqk5RcRmGsXVbJTrBRg6N9T5hisDXU6XEbAUk&sig=Cg0ArKJSzGVc7tiYaMAgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=612&vt=11&dtpt=514&dett=3&cstd=82&cisv=r20230620.65945&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D518 468 B
198 B 67ms
65ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM66ChD5_-oBGJ6DrZkBMAE&v=APEucNX8-Sty815iI67TAS0lYM0x8rnPBff243ksoJ27xeHqPSsNn0JTt3XwVdAz0eYDRzmol5sDx-ekxzNgB9WBu4GeQvKqZ9t0gYXSG8w2Vx3yE51G3ki5ihLXFrqibGZmgw64Q8gE4Z_N59wOVxhLm7mgKRAlvhApszqhzGKmmvl6qSuUwCwJBHHORlC8h-VDZ57Ab9cv

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 18B1 78 KB
27 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B1 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjcQM362yMPPsAy9M7DktNOb-EbliMJZfBeSk7PBi6AL7gmuPQAockcjhYBL0mkANi6XiCeZU6fCYtORfKCG7c6OhlPDxEzFVB7O9SW1svJUP8Q9Q

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B1 0
20 B 57ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11402043905071205238&x=1&ct=76

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/266706/51196693/xbbe/creative/ Frame 18B1 251 KB
76 KB 50ms
48ms Script
application/javascript 52.208.62.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/266706/51196693/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQlRAVWvy_EMFmZ3_MupOcJf3KKGilpR4VqJGYJpYyguWJh-kcS6UzC5av0cLMzPqkimMnd9FiWNvFInQv5ufF-wdnEeyiUGml9CsSmRUAoCZ_4GMenl_muc2MyrPEexbl4srq8ciHPhvdwBs9V7aNvnNW1kDOsI0GzBfPK8fPM2zqNvQ22Bwdoyl6x2BuF0UgxPs-Gtz98hWbcqlnLQcf5egdBYQdDU5cXpVIS2GqUbL2ZbPvuagb-mxjiqxwq8CSWJql0OM88IEr4GcHMvBwERpcbE-04BcN5BkOnvW-5GhX_5H7iQcL4TJNzsBjm3NEb28_pIRpkgYUnpjzFPXq6a28tss9OEBUGozN0F4E4AExkzJw_UJ7MxnbBlIxQ5t9R3ID0GXY83qAtT0TG7NkvRfDAeiGbO-yTvAjY7Vjj7AX6OAqQyXHMdjlABYGyvBtG_Eabp6YdaECYEoXZ_HAEp1Bh3sUUDp1yXa9d3XOsrmaRKpALEbVuZ-NGukdfGzYu8gjqWM7XyL0FWH3FsGzqIYQEx5BatN4JIbJf7LdYDBlIy_DJl_jTFZPVw6vIG98a32f4P945tvC8IaQk9xi8tnkbkq-uUVsUZ6arnmgMU-MiVP8dWh1GOpt6OcwG7tH6mrifNhPfnZoq7rfNSr-K3PDiO3AxiSWlvVSP7SudLNYOA1q9XYpncvGacsPaOMGmW4k6oYkvnFBvK8oTAC0FIiZP9Zp0iQ5vY2JDSvXpAnMnR6S8AiZpBBS6ppZb6tLA68PM6C1OC-MvMKtH3Uj5xTTZL039zwrsn7AASivKhxWZGzX-xlRJnvjz1c-FOBhl-Gx6JCiSmnKguv2ggwBMc8boOOYabs8PUCNmERXoNv371zduINnaxqNwAFDGWCUQ5YlxdbrFyTa3TWRXs1o9HySWu08oe0FZZ5SuS2j7U3KFIjAz8v-iclUlQlRbRjiksZ77qoNaHVYgdH-OyiP9-VS8CaIlUwaC69w-cYKE_lPMqrkFVwj421H1xi5dJ7_tf1diHNFdHjzvmAG6ZTx2LT5MqQdGDOWF3jXrX0vRKSeyugSXk99w1JGPFLCRRihZbkyfNRVqrFzmt5EK4eR0NaYRCQ5KAF4Gndn2gJ_6e-xz4bAmO5XH_CCw0vQzd_ldkfAd2aXOUbWnWU825GwwmTLx6iD-UB1CvdmkECT6SUJQyTH0OsL1xfeYC1n8dGb-pSpcElvAte7bLaMnfBlcEvUFzs-lhiXFrIrnimGNp6p0WMaI1gKF2mgxPiIHHByn5g1DSZZl1pP0oEIHlckHp8Jipz9CNqmZwvv1XrTOkKTdSemUJ-FeBSz4bM4sL-5Q_pJuWsEuTCsf829mMGcfNJR6HqHXL277L6hlooTFzrTTLW4BKpGRfTNTJ6poUShDiCvDjuKUZpc-_xbcC8MWrYU8Caz8Y0oMotXoGY_y7L5smGKE4WjTc6uLfm2TpoWXoRBUsJWzKvilEYT_cHvd12LCh1vTkJCBt85FAk24VhOmt65wvTAWhpYRAQ6s00gvn-rG1GuWM_hc7WNS5-HyB14rpqiUHSQj2Xlo-b7JkRpfHhjzN3Xx3quzB4fH5Jb8YcUmmNdULxUwqrBJscLAPQ4a-Ejsv2bYylB__g1lxAyHDO5KLu46CsRsIo0bLLuMOHQi0k1DXUrvUfAz1rsfGalA_F6Dj8oX7SGI13zB8WHx5fSMWyGRINkHQgw7WlwL7KFpSE1nYKxWXbUDdiZArqw9MstT8JBj-4LaavGZ2BF8w36ggD6AP7cJrQde1kx-2VtklIbPDQYgGBRvmfQBAK2lLN32Fxf_R-Y1dASZKUxBpoOh72YGxKH3v2cUIM0tStvD82VgRY--lPT7GsZXIulDcLsjd7GiNNjyfSWgwJ4Q6OD7VC-XFgRpxqFMsX22I2e85uBP3XxeDCtIDXiGFtV6EhrwBPw5RAVf_vlqHpPgjdKYP4d808Nv0tVmR7clZQbh2U7HkiKosEQmMmjahP4TISmwPJqx0NwZTJlxT332SIfjyuKWBqKsHtzL7IYlcfc8i9Ua6XwpeSRtn8Ld6x4zLhQqlWwmEczHulw8PRm1W2YK-sfP8mpWrAqIz3yLtUs8nt2n2O1wr6SxcefcnsSUe5b9UWnekEUwFyLNvbR4FGIsR1-UK_gJaGepo_P3V6WBPlqgKs1vmKUTFEoRP0RdEzFH95ecCgTqr24priE_72ZReCS69jx4HAWcY7C2q2cMKaNKnZ2NuA1JC9kXxscNjT69wrDhl9FrI2HEpmKd4V3NMWmBuaSIT-ql7WyF-o5f3djVQs6kJ-ozKj9V4RxS5Z5cbRfAJf0b2inI0VISxBQ5vaEKztE3HT83rqxHirAF3ht-L2nQTiax_RAPt1p5cryt_h5z9jUF97wxCU3zK8CS2CgnbuurAoi4uY4HtZ3VGbPnCyWybGp_8u-iZ2NAHCXU_YMUrIxEuxgYhRBKAXQ3y1LSE35fwRsIQh1SQFwku6s6zdv9e7Gutjda6F5JbfFtnPOiAxCl7kv1E73QG0d0-3qImyV8L_xwLgHK7JLERcnX3PKmZHqVxpRKfqN0kYROfOsWpEXZd49QdBrXk-a0H-9Cw8GiqDfrIvEEHJtvftu3kW4UbQLn7tknvqA0EFF0y9_LkDGnoXSPfvIZklyIXxgY5pftVU-i0wgnSm5qlqTI480rzC-W0PD3Yt0CvFUeTcvThwTwHs6-jbhMd0PFgFjM8RH164De4tQ6maMxH3-L3HCTU1uTlZ6DHMFnQrOnE6-UED2L_felusmhnQGHNwZvpgp9VqmZFw3CLkqV5_LEsI3etz1ZhvZQTz4we-XeemOK00mqHHEs0LQr0dOjsee7teLsCTPmwvbvSo4x9d7NHAut1exJfIRCqmbOxSwdPMB-cGmIsg0OFzTrMS9PFhuVK2UEfdEfj8IrDzRDTCslnZ2mMqw1B_Gz0OLtC0hY5YSBCVi5xGPo2i9rqJrFZ8T9q6GvfJ1z32fW4XQHKf-VFxr8IKeeE4cC8aMzIkm1kPI4YjOWcr5PBVGmJon12dHYwcIxezvaaMHEtcotBxN308mBm8DiCm-9tpOHUsa-AQ34H2mjcMJKBsPLzK1chrTOZ6QVq4pDsLV6ni0XVG7cjgw8le3U1ykxcc-VjqR9O7dsM7BLXfR7UCbnOwyeZiwoA0calH4jpjwzr-hGTrNsLFaSD56QIm9QDv075TOOSDmh9saxeNRbxUEmS_0rA1jcmSzHWyTKPD0qHuDYvSP1maDsheT1nb8tU1B1RpWRfyFHSomc5YRudIZZ046i11j8bou9KkZmuohK3rGnVd6r3zdsXzj0QExyU-hfZE5xNB_IRkl0bT2wswvP7PyUHZ_omEIFI7c9UXUcWixSC5-Jsr_KPh4dCZmSyH03Ut0DKyVUP8K-G53Wti2f6-PqhPDF3hA9saI1B1HLIRp85Q3e5sFMr4HJItpcQyTX3lJ7i_Sseajodnv3jtP2DKIsi3FeeYfvlZHNw6uu6pvGGSnSwBUxiMzz57_VbtRuq7dAzFxw1KAikJgepx_aW7YT92JhcWrV18JKP9WxNVWAzjqM79ark6CNWZu53cAnz2LsvYmwcZLBqPc7KRNPEtzQxbyNFTxem_gEEANTapBOx6MkCZzJXEFxS8Hxk2r9BzNzJwk2F29ME_an8h9hHDvc1SAZZ0elT08htVos3j4ZPhMGkIIBBI8AHKBCIOmfmKzbFOwU4l_hf-Oz7YJfJG3xwOI6WKkRIVKTZ9vvqAsTjSSrrK0rdWbycRcd36pFE2YcBB_GAFgAQ&cry=1
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.62.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-62-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a77553a2af901f7e36ed9a02bab6dcfc72f68b69de64642d5402753f100b0c9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 18B1 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 18B1 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:11:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 18B1 0
0 30ms
28ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxWmnfg9Cldj36G7KL5ozt4YowW9345HB7AZ4k9Tvroc-eJroKDRGRnbx8VXfSzFKzdwFxDDYeCAl1HujxLYMH19DYAA
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18B1 178 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 86DF 13 KB
6 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jun 2024 01:39:52 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 86DF 7 KB
6 KB 67ms
66ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0629562dc06b2c5e35f1383e92658661b66856268dedb75bef3890b2bd47a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5666
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame CDC3 0
234 B 1283ms
438ms Ping
image/gif 2404:6800:4009:832::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lj64iq57&c=2330846519118&slotId=1165423259559&qqid=CI3U7YWQ1f8CFaeEJwIdApwK_Q&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fb68e6b4c4cd4921e7448129c8daa4c3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:832::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

16477835166902256783
tpc.googlesyndication.com/simgad/ Frame CDC3
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgkYbgdBDJBxjJBzIIqWnyyRJSLAI
https://tpc.googlesyndication.com/simgad/16477835166902256783

50 KB
50 KB

21ms
20ms

Image
image/jpeg

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16477835166902256783

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9831f83935b357922faa3dba361edc179fbb0b052a3e2a5bcfde83b9f1b5c9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:32:57 GMT
x-content-type-options: nosniff
age: 22322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51291
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 15:43:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Jun 2024 13:32:57 GMT

Redirect headers

date: Wed, 21 Jun 2023 13:32:57 GMT
x-content-type-options: nosniff
server: cafe
age: 22322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16477835166902256783
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Jul 2023 13:32:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A0B8 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

206

videoplayback
r4---sn-4g5lznes.gvt1.com/ Frame CDC3
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5lznes.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

258ms
178ms

Media
video/mp4

2a00:1450:4001:10::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lznes.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=58613D12E3C4FFDCD8F1379FEAE5FB345688C680.0449B0F1F8EE06163B716E06F39A53E2D74FCBFE&key=cms1&cms_redirect=yes&mh=7P&mip=2001:1b60:1010:2:1011:4f0b:3c6d:a4d&mm=28&mn=sn-4g5lznes&ms=nvh&mt=1687376180&mv=m&mvi=4&pl=29

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:10::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e640de2990578286e33962bf2671c5f3018b57e8ecd9b277e8e7f799af6775e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 18 Jun 2023 08:18:03 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1085766/1085767
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1085767
expires: Wed, 21 Jun 2023 19:45:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5lznes.gvt1.com/videoplayback?id=45603043d9221867&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1687383899&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=58613D12E3C4FFDCD8F1379FEAE5FB345688C680.0449B0F1F8EE06163B716E06F39A53E2D74FCBFE&key=cms1&cms_redirect=yes&mh=7P&mip=2001:1b60:1010:2:1011:4f0b:3c6d:a4d&mm=28&mn=sn-4g5lznes&ms=nvh&mt=1687376180&mv=m&mvi=4&pl=29
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 722
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame D518
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEJxlvooEO73Cv2a_oiLSQek&google_cver=1

43 B
398 B

125ms
32ms

Image
image/gif

2001:678:cb4:bbbb::13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEJxlvooEO73Cv2a_oiLSQek&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM66ChD5_-oBGJ6DrZkBMAE&v=APEucNX8-Sty815iI67TAS0lYM0x8rnPBff243ksoJ27xeHqPSsNn0JTt3XwVdAz0eYDRzmol5sDx-ekxzNgB9WBu4GeQvKqZ9t0gYXSG8w2Vx3yE51G3ki5ihLXFrqibGZmgw64Q8gE4Z_N59wOVxhLm7mgKRAlvhApszqhzGKmmvl6qSuUwCwJBHHORlC8h-VDZ57Ab9cv
Protocol: H2
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEJxlvooEO73Cv2a_oiLSQek&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D518
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM66ChD5_-oBGJ6DrZkBMAE&v=APEucNX8-Sty815iI67TAS0lYM0x8rnPBff243ksoJ27xeHqPSsNn0JTt3XwVdAz0eYDRzmol5sDx-ekxzNgB9WBu4GeQvKqZ9t0gYXSG8w2Vx3yE51G3ki5ihLXFrqibGZmgw64Q8gE4Z_N59wOVxhLm7mgKRAlvhApszqhzGKmmvl6qSuUwCwJBHHORlC8h-VDZ57Ab9cv
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D518
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTOi1OBnE07BwZmdww5AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1

43 B
632 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM66ChD5_-oBGJ6DrZkBMAE&v=APEucNX8-Sty815iI67TAS0lYM0x8rnPBff243ksoJ27xeHqPSsNn0JTt3XwVdAz0eYDRzmol5sDx-ekxzNgB9WBu4GeQvKqZ9t0gYXSG8w2Vx3yE51G3ki5ihLXFrqibGZmgw64Q8gE4Z_N59wOVxhLm7mgKRAlvhApszqhzGKmmvl6qSuUwCwJBHHORlC8h-VDZ57Ab9cv
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMd5FNoKjYyiQIEDDH31I5A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 86DF 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 19:44:59 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B1 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9223696430842&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B1 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9223696430842&version=m202301230201&ct=76&x=1&cor=11402043905071204000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 18B1 15 KB
11 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPiYjzF2VvAlHZbvr4ZOWHu6k0Ss8ijap4jH07BmBEtIBbHqwvQayVoigqKF5Kq4siMR7A2blM8UQffM3BCCtrYojjuFyFmLUm0X7iMOnvKaY13UpP-6ylZLUMGur1LDGTb00mtbLCeWnfOGF-Ra-Nsvy8iEZBC7b8cO9-pWSTswjhsJk&cry=1&dbm_d=AKAmf-ACRCWi4ZHBfpAoVM7eOccTDTBJ3P8J9ahW_H1gIJfqwe_NW-JvttsPVCKc1ts91oXvZh72Fk4JP2cYfgEIBLtDjqGWT8MGx3qYhpKDUZKCoufg2C4A4_4-3o7N5PqW79Vg-WwlEuXZ7MxGnd2FzB8OvtDBf6l1eA68D_oE_lIswaVXalYus__K8us9y5MZXiQlTizQYjQ0JbeScygQ6E_miA2zPyZNLF_Oqxw2fhJtH706OPowIB7Vhmvk4Ilv1VtunZLxPBpQg-ooYLqSxQdVbDUC66NsaNJI_w_ZhsyhdkF9SrzsxxFDjLSSUjscFzRJ-3-9nkuuWgi02BJTvlbNqD19L2ytPo-CiwFDUFnE79mhIr1gqNDE1-bq82XeX2hQ5U5y0fMz5akFZFF8111BAB8PR_W_Uobs6o0-BH3RMJAB7eimjs-LsqNkpeHLSeUjaj5LmMP_cIfPDo1wV_sinN_nSG5A_S80tsHYV3vwUMZK459zOB_z4BJoXgzrnMJpcbvBxh7_Gw8WqOv_wX25k8CYeT64cNWkwI-ve2HkeH6_0ijpvCvGakWXviqKHf4S298khwY04zbCbBKernha0UrDdhMyQo6eRfwPAURoKs1n3ORe5xciF0MMF3AlHupOizJ-NNKL2xRmE3z83uDxoiaysOgh5lvwYLZ7HtTbXV3K3X4V2RTSOn0R6_8FH1WNzqej2k-eV-DlrweiI2-W9Cx-B-5XKapM_tIXoJahOEd7WoNLPMkxEwR6xVWucQfkn6YgN4OK97F2iGDrrwiyzSJveV4zq8d7cHLySa0Mtnr0jemzRVjB-eqqYKGrbBBtZ5vmBnwyA_frUjpD_jNGB7D85kVXMYIfauAJ0urtmYsO_jLv4V_9r4TGHkZ2KPW0eIL9-kjQvUooZJVtYKkBP7clCDWWC0Q_5dPlXkZiAc7DOc6v6IQS8KICeqR5QYMbFdC6GDuywN2Y2wj17_4UHiYdyxvZEmtViyu3bH-wJ5XfV3_44CDlAoLSCByeTnem9nm21UgSOwVxGVVHGBDW7dkiPoF6KMOZr11blC3oeC6yjsTKIfpMHoE_kQtFeaUUaHaBszMYDxJzlKzc3fNRhEN-G2pCK6zKchcNAJwqKMaKXAJmMu8rdin_ESjagTVbZmsFmOh6PHKVfoSd_6Nmm3yXx0xNnR4Cbe2Wkz0ZxeCMQzBTQDMWvmZOmjOiPjYSEuMz4vKEb0i4SjSM4EvCzvhkl-h6_XzZSMVWvX08xQPtkDnGpUvUX9bLH00YVXpxDdXISy7IwjZMDrVxQIwRMUtVuU2od2woYs_Xr_sD1-D79EDkzf5Hlo5oVPynJHeNO5d-383FH9SIKCur0Sx3lgLUQtYKFdQ7p9mslbrxkbSVDU0njBGlros2c5I_5rkrfEHcBh9Guo-6wdp6Bvl9yicTWi6_as-jy1qfk_2R9d2vUylQoY71HTXdIvuZfCzmevEpSmUiW__Cp-zCF8oJxcSzx9Aq8M6Jg31ZaerKqtqQL0q4C3bu6MO96hfBk7qjLcsZ0_5d6e3bbAk-A8ylRbLRnJrJE1a1Cgds86pOpo0hbbUxykcm1YHTiVN6YmlQY94V6xmkX_IfHAiIzaRud_1pGoJ78-JPJbtFWmY60rjOYh1hqn_C0jA6Iq8soTp75rfXEetYyJVufZ1Z4MZTC2Maf8DLApdzuOQgwDCIhRi0MKrDXjXcHCw_2Ned2EdujBWXfeH1MX5hDPmauxpLok9XtAQdSGzoBSJ2mxH_hKYwKqdj2wWKeGKgM1AJtgoK2_YV5DI-JKR3AdqPM1lqmdC4h2EMIHhedw9QT9n_o8ki0UV2GcT70xURqjsFAIf8EwOMOJ9doMVQjZDmVTRlPzMjxhaiYTVhcQv0fY3F5V2m2txLxaJdJDwkLRHJo80AWXQBiUj36MMDc2F08WVHPrOBtaIt4309icAB3hjE4nXEMwnJSSn8dtqxzzfZ0jAw0l8r4TJ2Xt6ryprYAqKUPIA9PWrK99_BHKBfiwXfc7L_q9N0WOSuxu4UrNMtJKxbU2SJIUsthgZGwhaD0fgkXom5nmFiD39QmJoAKIjmXCIneiEg1VGWvbraQi7XkWSYY5Dphz-EKX1ouHEGrLsExxta5-U4Ei-v67OcyapP3PmteHgr0XwbIz2gCbVXjhXizqxOEV8nvdLAQ83IjPGNJf3wnIkGyhv3-Ez2aM2s9sOEeOB_VQm-3b49VeWPTNFVJh6YWuFU0togigD1dQOuSuJAp_2AizttInnau5LiXUTMzkRoyBM6VsNH2H03AeKwZZgYlOAG4i5DnrjnGS4plHVbbJQZuLD25tgDs_BKadWwKINv2Cbma9qP9GufXSwx3odfqxz5UL7kOSc9wnGZzROhElzv-bOYtlp3gnJ50scnVxyjKXxBfzxVJiMLBmiiDgiaHafHc9M1t-aIAneUR74VlxVpZ0wUqHyGVsDc3i2crNljCVuHG1vvF82x5ZjldUEPYkvbzjFtoUd0gFk99D4y6BgcYzGmiC4XDBqlRAccKHSOBd4DT3pDY5fGlwJzXjiAkZf80PWXW4npk3OigIJeiSzWj72PkpUpd3xfpRHIUnlkS8Fn2fIpSk1RifDie8WcHIDGsjfuywJgCKxEFX2M653F_km9QwoFM2LNahlNg8jrgXC8CKW_THligRmS0mDGiVSwJSrQvnJgNuFUYoBiXIwDLyrRrqXPuRrQrSme6BI8hekQHEzF_tjRKwzhSuue0dkhqR6m27vSCW7q_zCpSHTkr18PmfolEEGb9HjeqVh5gOCPipU6S7OACdcelAWHwpHDZl8EhQfRnZb6LHo9irZ6zsVWVtizMi3h9I6nXM5wwJYFP82WyOjQJE-CFZV17Zjex-l8unGWuLmI5-H2jjhfXDwtdAnWgnZTlHZN_cE2mRpojzK-PWUPXyA9mgZt8mNkYztn2uEceXVkogR06EBc-yYN-TfUPqcvF-zOrk19Pj7SKZVmkbJMQmWZw4QUS20DYXC4Z0CwazkLdPqIbg&cid=CAQSPABygQiDpn5is2xTsFOJf4X_js-2CXyRt8cDiOlipESFSk2fb76gLE40kq6ytK3Vm8nEXHd-qRRNmHAQfxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=11402043905071204000&adk=2857193498&idt=90&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37a212fb2c628bc823fd18ae7ad61eedc667d435d31c492d96fb7134bc4f76ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A0B8
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHZpHN0dbqedyv2HfVe7cyk&google_cver=1&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVGY6I2tyTsi60

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVGY6I2tyTsi60

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 21 Jun 2023 19:44:59 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ploXse3SRVGfSXRiilghsg2&google_push=ATf1kGOWaiRwBv0cTwERWzf1c-WKiEEvylEOT27_DezLOf9grMSrLZ9AVA0XXvjwR-dqkFU5wlvn1JR9ur0C-kVGY6I2tyTsi60
x-host: tde-deliveryengine-production-6885dfccb4-gf9lp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A0B8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_hm=ZJNTOi1OBnE07BwZmdww5AAACI0AAAAB&google_nid=index&google_push=ATf1kGMKmRYhiHql2I07Ob2UHCfjrDaB-a0v3...

170 B
188 B

33ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_hm=ZJNTOi1OBnE07BwZmdww5AAACI0AAAAB&google_nid=index&google_push=ATf1kGMKmRYhiHql2I07Ob2UHCfjrDaB-a0v3-WULJ7iav1hGSQaBWNHP_UfqKgDopQWCgaYMZw1mZ24T1u8p6Zja4pMqE04pQE

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKtPU8OLVipPaEyQmDXEgvg&google_hm=ZJNTOi1OBnE07BwZmdww5AAACI0AAAAB&google_nid=index&google_push=ATf1kGMKmRYhiHql2I07Ob2UHCfjrDaB-a0v3-WULJ7iav1hGSQaBWNHP_UfqKgDopQWCgaYMZw1mZ24T1u8p6Zja4pMqE04pQE
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame A0B8 0
411 B 1064ms
267ms Image
text/plain 72.34.250.75
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNBVaIPiUXuq92Jzlc4dCNyLAc_QyYqJLZ0KJB_N7KVgieLmtUstirYQLiVuvO_kwWUzPzwfWEc_a-A3mjs3nGodKSSC5o%26google_hm%3D%5BUID%5D&google_gid=CAESEG2p0qgBt6eU-1AC3LPZthM&google_cver=1

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.34.250.75 Beaumont, United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:45:00 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-lax-1-5-26
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A0B8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPV84rCD8T8U5-eE2GBhj0U&google_cver=1&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbv...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPV84rCD8T8U5-eE2GBhj0U&google_cver=1&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbv...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA&google_hm=G2sBLGZHqkKHfr1kQ6Kf8Nqe

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA&google_hm=G2sBLGZHqkKHfr1kQ6Kf8Nqe

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:45:00 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNZ9t9TLCoupfVehPqgfwCP1_tHeWexxcdeRU1cY83YKR9bj98KtSPVTRlPWznQ0ZnHskcs6iIq_KIOwVMbvLYjbd20nA&google_hm=G2sBLGZHqkKHfr1kQ6Kf8Nqe
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A0B8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGO0XRcv_W4e_BaK1PaaY...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA&google_hm=A52DkGDZRUnhlXtDSRAjt00

170 B
188 B

34ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA&google_hm=A52DkGDZRUnhlXtDSRAjt00

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGO0XRcv_W4e_BaK1PaaY8VU6E3p23j7eiwTS0WsIBSEECJVnQwhW1aAESd0VVTm0MVEtQRM0qfbZY-iTCqKQcnHhbQnuA&google_hm=A52DkGDZRUnhlXtDSRAjt00
date: Wed, 21 Jun 2023 19:44:59 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d839060d94549e1957b43491023b74d003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A0B8
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEHWpWkERdnrwkidHNaaJdqE&google_cver=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MNFwGXA2yG1rDUbh_LcsK8Kh5HCQV8thEAkRLXc8THJiM20WxsoeD89wI6XrdNjOWv0rQE
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MN...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MNFwGXA2yG1rDUbh_LcsK8Kh5HCQV8thEAkRLXc8THJiM20WxsoeD89wI6XrdNjOWv0rQE&gdpr=&gdpr_consent=

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:59 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMC2F6dXdbWKH3oYJcYk8HU_MNFwGXA2yG1rDUbh_LcsK8Kh5HCQV8thEAkRLXc8THJiM20WxsoeD89wI6XrdNjOWv0rQE&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 21 Jun 2023 19:44:59 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame A0B8
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOao_rBYZ_egXzC7jz_SNQI&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGM_qAE2IogcdQubix5lryuMaf2IZ91uPj5zja0GVR_RpGMzgWguXeejJfWQPb9RcEfYpZ1yx4ppiL2qPgBXk8TJBys3YA4d
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

65ms
64ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 19:45:00 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A0B8 0
12 B 31ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXiIxsFU_SuFt_qzuq3_l6E_q4O2AligbVKvLeVssnO-j9aJVLvxlQHT6_fn5t7PDAsfyAiw

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 86DF 98 KB
98 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:31:39 GMT
x-content-type-options: nosniff
age: 800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 19:46:39 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 86DF 57 KB
57 KB 22ms
21ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/1676550659977.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:37:59 GMT
x-content-type-options: nosniff
age: 420
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 19:52:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3FC 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOJF8OlOTZLn5K9aSjuwPzMiA0AoAAAAAOAHgBAI&bg=!WVqlWg7NAAaGYqkwpmI7ADkAdvg8WrrDIhmWB2BQAMDFJMDzg7qeV03nvNUwpm_5mwGEHVlixlk0EhZrO5JwfrAsVYvRxCiHzdMCAAACGFIAAAADaAEHmQMxOt2Xri8Ti_yueCMfEnVLDowy7w5bZzbZe6fzxkIbqFp-3VZswVDvGZxZCf23cbcNG4jVqhUEeleS7EVwgSFAjykFzYZfhUzRuaiYQpUdy39ef4kndrMtmb4SMIZgxUo8-2YTSXWqGEWbQ5RotoNSzkA2fCRFCpNlmHbxJWDQZHbNxLpIpScO5yqth9do_sgKErflxRHoDTDD-zZjrMAsqtq2AwbQm7mZ1Z0W9MV4m922_TcOqrx7xRNzzzCbJiIxpmQfKyfTtOqlWi8ZVgGDFCWCfgAP_F9b7EklA0E8TFgsdEukHb9_nC_A1dQ7EYStfNnmJVABbk4hiRJKJMTMOobQx8CREwGu3dlBf07_x1B2ORT7FEzsekjHklAQl0X8spPlYm5CkRh0KwwRVILurONs3b98EB2OXG8bO-xbmsX0WEUgyaVn3rnFk02iiNXffaSnNEc_M8LLlHqJAB4BSMD3hZt3CohJgk08jRFuGiFERkxvmOYIWhPEMZbyqXjlJGJVif2B-NEzKIvJxmteCkRjCU1pXpPYoiDAYc6OzXeb_htd0yNcRl5L3rfDf3h0oC23AYyant1qU_z-sADEgG-_Vekc_FLdhN-o_k_WUYq4Xrq3pcRiAQhMPZw2j7Gsa8nmkAQJE-AqoNM3Ddg_Q_s4EiFumHhsWOFT6gZtxwA4M4hkSB1eUXCiUxpgwo3Eem7pn1DKzuW6YA5SgV3uDDkXaemlAUqVjwIcWvwtKBkeitVGQCuUT7sF8clb3X12hRTB4HPo1HwpDMlEWqBk1-wp5FWzdU4L95fJOUOaMHHlTk4uuRopO3eSHsb0Jl2IB0NKUAqgFObLBGxMe-pV170w4Kwh4ltYvntT-a16MgppuslDDDd0jI6ajdFsPxk7b36c2TR9AIFY9BUV4pfkcG4aiJbGr2BTtzjZC3qMrcZv8CylxhrMY6vtivww37WW_hHSX-dV5tUQ6Ry8_e8TCzPFzlMi1LyrUSUBN29Kq-4x9t_2hH9KXQ3DMJ6DQIpmcuHVQhvUyVW3Kbl2Dmc_ouQNDRRvAHxMPejdNNbNvKn8IGjkYzb2TjPsCvJB4DAuOg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcG9,pingTime:-10,time:777,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687376699860%7C%7C77abc1317bc2649efa45058ce8e4ad40%7C%7C8623b242deb4313525321dba17b62725%7C%7Ccdc69ff84fbc0cbc86149288eecbd9a2%7C%7C71da0a2891db5d836ea386c292dda37c%7C%7C3199e8e547e62c0032e0c5192d93cd50%7C%7C474ab3f4e7f07ee9c02f980ccf0b03b8%7C%7C2cd2e790b4e225605935f45bb5dcee54%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame FB9C 38 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 20:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 18B1 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPiYjzF2VvAlHZbvr4ZOWHu6k0Ss8ijap4jH07BmBEtIBbHqwvQayVoigqKF5Kq4siMR7A2blM8UQffM3BCCtrYojjuFyFmLUm0X7iMOnvKaY13UpP-6ylZLUMGur1LDGTb00mtbLCeWnfOGF-Ra-Nsvy8iEZBC7b8cO9-pWSTswjhsJk&cry=1&dbm_d=AKAmf-ACRCWi4ZHBfpAoVM7eOccTDTBJ3P8J9ahW_H1gIJfqwe_NW-JvttsPVCKc1ts91oXvZh72Fk4JP2cYfgEIBLtDjqGWT8MGx3qYhpKDUZKCoufg2C4A4_4-3o7N5PqW79Vg-WwlEuXZ7MxGnd2FzB8OvtDBf6l1eA68D_oE_lIswaVXalYus__K8us9y5MZXiQlTizQYjQ0JbeScygQ6E_miA2zPyZNLF_Oqxw2fhJtH706OPowIB7Vhmvk4Ilv1VtunZLxPBpQg-ooYLqSxQdVbDUC66NsaNJI_w_ZhsyhdkF9SrzsxxFDjLSSUjscFzRJ-3-9nkuuWgi02BJTvlbNqD19L2ytPo-CiwFDUFnE79mhIr1gqNDE1-bq82XeX2hQ5U5y0fMz5akFZFF8111BAB8PR_W_Uobs6o0-BH3RMJAB7eimjs-LsqNkpeHLSeUjaj5LmMP_cIfPDo1wV_sinN_nSG5A_S80tsHYV3vwUMZK459zOB_z4BJoXgzrnMJpcbvBxh7_Gw8WqOv_wX25k8CYeT64cNWkwI-ve2HkeH6_0ijpvCvGakWXviqKHf4S298khwY04zbCbBKernha0UrDdhMyQo6eRfwPAURoKs1n3ORe5xciF0MMF3AlHupOizJ-NNKL2xRmE3z83uDxoiaysOgh5lvwYLZ7HtTbXV3K3X4V2RTSOn0R6_8FH1WNzqej2k-eV-DlrweiI2-W9Cx-B-5XKapM_tIXoJahOEd7WoNLPMkxEwR6xVWucQfkn6YgN4OK97F2iGDrrwiyzSJveV4zq8d7cHLySa0Mtnr0jemzRVjB-eqqYKGrbBBtZ5vmBnwyA_frUjpD_jNGB7D85kVXMYIfauAJ0urtmYsO_jLv4V_9r4TGHkZ2KPW0eIL9-kjQvUooZJVtYKkBP7clCDWWC0Q_5dPlXkZiAc7DOc6v6IQS8KICeqR5QYMbFdC6GDuywN2Y2wj17_4UHiYdyxvZEmtViyu3bH-wJ5XfV3_44CDlAoLSCByeTnem9nm21UgSOwVxGVVHGBDW7dkiPoF6KMOZr11blC3oeC6yjsTKIfpMHoE_kQtFeaUUaHaBszMYDxJzlKzc3fNRhEN-G2pCK6zKchcNAJwqKMaKXAJmMu8rdin_ESjagTVbZmsFmOh6PHKVfoSd_6Nmm3yXx0xNnR4Cbe2Wkz0ZxeCMQzBTQDMWvmZOmjOiPjYSEuMz4vKEb0i4SjSM4EvCzvhkl-h6_XzZSMVWvX08xQPtkDnGpUvUX9bLH00YVXpxDdXISy7IwjZMDrVxQIwRMUtVuU2od2woYs_Xr_sD1-D79EDkzf5Hlo5oVPynJHeNO5d-383FH9SIKCur0Sx3lgLUQtYKFdQ7p9mslbrxkbSVDU0njBGlros2c5I_5rkrfEHcBh9Guo-6wdp6Bvl9yicTWi6_as-jy1qfk_2R9d2vUylQoY71HTXdIvuZfCzmevEpSmUiW__Cp-zCF8oJxcSzx9Aq8M6Jg31ZaerKqtqQL0q4C3bu6MO96hfBk7qjLcsZ0_5d6e3bbAk-A8ylRbLRnJrJE1a1Cgds86pOpo0hbbUxykcm1YHTiVN6YmlQY94V6xmkX_IfHAiIzaRud_1pGoJ78-JPJbtFWmY60rjOYh1hqn_C0jA6Iq8soTp75rfXEetYyJVufZ1Z4MZTC2Maf8DLApdzuOQgwDCIhRi0MKrDXjXcHCw_2Ned2EdujBWXfeH1MX5hDPmauxpLok9XtAQdSGzoBSJ2mxH_hKYwKqdj2wWKeGKgM1AJtgoK2_YV5DI-JKR3AdqPM1lqmdC4h2EMIHhedw9QT9n_o8ki0UV2GcT70xURqjsFAIf8EwOMOJ9doMVQjZDmVTRlPzMjxhaiYTVhcQv0fY3F5V2m2txLxaJdJDwkLRHJo80AWXQBiUj36MMDc2F08WVHPrOBtaIt4309icAB3hjE4nXEMwnJSSn8dtqxzzfZ0jAw0l8r4TJ2Xt6ryprYAqKUPIA9PWrK99_BHKBfiwXfc7L_q9N0WOSuxu4UrNMtJKxbU2SJIUsthgZGwhaD0fgkXom5nmFiD39QmJoAKIjmXCIneiEg1VGWvbraQi7XkWSYY5Dphz-EKX1ouHEGrLsExxta5-U4Ei-v67OcyapP3PmteHgr0XwbIz2gCbVXjhXizqxOEV8nvdLAQ83IjPGNJf3wnIkGyhv3-Ez2aM2s9sOEeOB_VQm-3b49VeWPTNFVJh6YWuFU0togigD1dQOuSuJAp_2AizttInnau5LiXUTMzkRoyBM6VsNH2H03AeKwZZgYlOAG4i5DnrjnGS4plHVbbJQZuLD25tgDs_BKadWwKINv2Cbma9qP9GufXSwx3odfqxz5UL7kOSc9wnGZzROhElzv-bOYtlp3gnJ50scnVxyjKXxBfzxVJiMLBmiiDgiaHafHc9M1t-aIAneUR74VlxVpZ0wUqHyGVsDc3i2crNljCVuHG1vvF82x5ZjldUEPYkvbzjFtoUd0gFk99D4y6BgcYzGmiC4XDBqlRAccKHSOBd4DT3pDY5fGlwJzXjiAkZf80PWXW4npk3OigIJeiSzWj72PkpUpd3xfpRHIUnlkS8Fn2fIpSk1RifDie8WcHIDGsjfuywJgCKxEFX2M653F_km9QwoFM2LNahlNg8jrgXC8CKW_THligRmS0mDGiVSwJSrQvnJgNuFUYoBiXIwDLyrRrqXPuRrQrSme6BI8hekQHEzF_tjRKwzhSuue0dkhqR6m27vSCW7q_zCpSHTkr18PmfolEEGb9HjeqVh5gOCPipU6S7OACdcelAWHwpHDZl8EhQfRnZb6LHo9irZ6zsVWVtizMi3h9I6nXM5wwJYFP82WyOjQJE-CFZV17Zjex-l8unGWuLmI5-H2jjhfXDwtdAnWgnZTlHZN_cE2mRpojzK-PWUPXyA9mgZt8mNkYztn2uEceXVkogR06EBc-yYN-TfUPqcvF-zOrk19Pj7SKZVmkbJMQmWZw4QUS20DYXC4Z0CwazkLdPqIbg&cid=CAQSPABygQiDpn5is2xTsFOJf4X_js-2CXyRt8cDiOlipESFSk2fb76gLE40kq6ytK3Vm8nEXHd-qRRNmHAQfxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=11402043905071204000&adk=2857193498&idt=90&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:19:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C687 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCa8tChMkEkB2snPTbecT0P9fKaSwomXNS-NbIMgmbTk2HVYvFZ6nItCfjaOPbebJcNqBhgfqvsk1Oaj7MMCt7-nvczm87u5KOKVGL1xN5_nhnsFUr8uuodblOvgwklaV9wPWqe8j9Iaiv&sai=AMfl-YTUsk7lvPyT-WLufMLuOI9Pgnp-_CDWH_wBkDxj81MvlKKFFH4CeiEgPt2S8KPsBB_SyUHNY905JxgOgLyEaRZueOvaDeaF6wZ3Y2o-XzoI-oKB1lguglGeIwo&sig=Cg0ArKJSzPydX-vZvrAgEAE&cid=CAQSOwBygQiD0MFoyCXkIJ5BUbUm9rBjK_UDzMG6uxP25-smX1VA2hSyz8Vdv-FgERdwBcig0Wp2wlrzDskTGAE&id=lidar2&mcvt=1027&p=155,315,405,1285&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2619639180&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376698502&rpt=360&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 18B1
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/266706/51196693/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squ...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQl...

11 B
454 B

174ms
62ms

Script
text/javascript

64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQlRAVWvy_EMFmZ3_MupOcJf3KKGilpR4VqJGYJpYyguWJh-kcS6UzC5av0cLMzPqkimMnd9FiWNvFInQv5ufF-wdnEeyiUGml9CsSmRUAoCZ_4GMenl_muc2MyrPEexbl4srq8ciHPhvdwBs9V7aNvnNW1kDOsI0GzBfPK8fPM2zqNvQ22Bwdoyl6x2BuF0UgxPs-Gtz98hWbcqlnLQcf5egdBYQdDU5cXpVIS2GqUbL2ZbPvuagb-mxjiqxwq8CSWJql0OM88IEr4GcHMvBwERpcbE-04BcN5BkOnvW-5GhX_5H7iQcL4TJNzsBjm3NEb28_pIRpkgYUnpjzFPXq6a28tss9OEBUGozN0F4E4AExkzJw_UJ7MxnbBlIxQ5t9R3ID0GXY83qAtT0TG7NkvRfDAeiGbO-yTvAjY7Vjj7AX6OAqQyXHMdjlABYGyvBtG_Eabp6YdaECYEoXZ_HAEp1Bh3sUUDp1yXa9d3XOsrmaRKpALEbVuZ-NGukdfGzYu8gjqWM7XyL0FWH3FsGzqIYQEx5BatN4JIbJf7LdYDBlIy_DJl_jTFZPVw6vIG98a32f4P945tvC8IaQk9xi8tnkbkq-uUVsUZ6arnmgMU-MiVP8dWh1GOpt6OcwG7tH6mrifNhPfnZoq7rfNSr-K3PDiO3AxiSWlvVSP7SudLNYOA1q9XYpncvGacsPaOMGmW4k6oYkvnFBvK8oTAC0FIiZP9Zp0iQ5vY2JDSvXpAnMnR6S8AiZpBBS6ppZb6tLA68PM6C1OC-MvMKtH3Uj5xTTZL039zwrsn7AASivKhxWZGzX-xlRJnvjz1c-FOBhl-Gx6JCiSmnKguv2ggwBMc8boOOYabs8PUCNmERXoNv371zduINnaxqNwAFDGWCUQ5YlxdbrFyTa3TWRXs1o9HySWu08oe0FZZ5SuS2j7U3KFIjAz8v-iclUlQlRbRjiksZ77qoNaHVYgdH-OyiP9-VS8CaIlUwaC69w-cYKE_lPMqrkFVwj421H1xi5dJ7_tf1diHNFdHjzvmAG6ZTx2LT5MqQdGDOWF3jXrX0vRKSeyugSXk99w1JGPFLCRRihZbkyfNRVqrFzmt5EK4eR0NaYRCQ5KAF4Gndn2gJ_6e-xz4bAmO5XH_CCw0vQzd_ldkfAd2aXOUbWnWU825GwwmTLx6iD-UB1CvdmkECT6SUJQyTH0OsL1xfeYC1n8dGb-pSpcElvAte7bLaMnfBlcEvUFzs-lhiXFrIrnimGNp6p0WMaI1gKF2mgxPiIHHByn5g1DSZZl1pP0oEIHlckHp8Jipz9CNqmZwvv1XrTOkKTdSemUJ-FeBSz4bM4sL-5Q_pJuWsEuTCsf829mMGcfNJR6HqHXL277L6hlooTFzrTTLW4BKpGRfTNTJ6poUShDiCvDjuKUZpc-_xbcC8MWrYU8Caz8Y0oMotXoGY_y7L5smGKE4WjTc6uLfm2TpoWXoRBUsJWzKvilEYT_cHvd12LCh1vTkJCBt85FAk24VhOmt65wvTAWhpYRAQ6s00gvn-rG1GuWM_hc7WNS5-HyB14rpqiUHSQj2Xlo-b7JkRpfHhjzN3Xx3quzB4fH5Jb8YcUmmNdULxUwqrBJscLAPQ4a-Ejsv2bYylB__g1lxAyHDO5KLu46CsRsIo0bLLuMOHQi0k1DXUrvUfAz1rsfGalA_F6Dj8oX7SGI13zB8WHx5fSMWyGRINkHQgw7WlwL7KFpSE1nYKxWXbUDdiZArqw9MstT8JBj-4LaavGZ2BF8w36ggD6AP7cJrQde1kx-2VtklIbPDQYgGBRvmfQBAK2lLN32Fxf_R-Y1dASZKUxBpoOh72YGxKH3v2cUIM0tStvD82VgRY--lPT7GsZXIulDcLsjd7GiNNjyfSWgwJ4Q6OD7VC-XFgRpxqFMsX22I2e85uBP3XxeDCtIDXiGFtV6EhrwBPw5RAVf_vlqHpPgjdKYP4d808Nv0tVmR7clZQbh2U7HkiKosEQmMmjahP4TISmwPJqx0NwZTJlxT332SIfjyuKWBqKsHtzL7IYlcfc8i9Ua6XwpeSRtn8Ld6x4zLhQqlWwmEczHulw8PRm1W2YK-sfP8mpWrAqIz3yLtUs8nt2n2O1wr6SxcefcnsSUe5b9UWnekEUwFyLNvbR4FGIsR1-UK_gJaGepo_P3V6WBPlqgKs1vmKUTFEoRP0RdEzFH95ecCgTqr24priE_72ZReCS69jx4HAWcY7C2q2cMKaNKnZ2NuA1JC9kXxscNjT69wrDhl9FrI2HEpmKd4V3NMWmBuaSIT-ql7WyF-o5f3djVQs6kJ-ozKj9V4RxS5Z5cbRfAJf0b2inI0VISxBQ5vaEKztE3HT83rqxHirAF3ht-L2nQTiax_RAPt1p5cryt_h5z9jUF97wxCU3zK8CS2CgnbuurAoi4uY4HtZ3VGbPnCyWybGp_8u-iZ2NAHCXU_YMUrIxEuxgYhRBKAXQ3y1LSE35fwRsIQh1SQFwku6s6zdv9e7Gutjda6F5JbfFtnPOiAxCl7kv1E73QG0d0-3qImyV8L_xwLgHK7JLERcnX3PKmZHqVxpRKfqN0kYROfOsWpEXZd49QdBrXk-a0H-9Cw8GiqDfrIvEEHJtvftu3kW4UbQLn7tknvqA0EFF0y9_LkDGnoXSPfvIZklyIXxgY5pftVU-i0wgnSm5qlqTI480rzC-W0PD3Yt0CvFUeTcvThwTwHs6-jbhMd0PFgFjM8RH164De4tQ6maMxH3-L3HCTU1uTlZ6DHMFnQrOnE6-UED2L_felusmhnQGHNwZvpgp9VqmZFw3CLkqV5_LEsI3etz1ZhvZQTz4we-XeemOK00mqHHEs0LQr0dOjsee7teLsCTPmwvbvSo4x9d7NHAut1exJfIRCqmbOxSwdPMB-cGmIsg0OFzTrMS9PFhuVK2UEfdEfj8IrDzRDTCslnZ2mMqw1B_Gz0OLtC0hY5YSBCVi5xGPo2i9rqJrFZ8T9q6GvfJ1z32fW4XQHKf-VFxr8IKeeE4cC8aMzIkm1kPI4YjOWcr5PBVGmJon12dHYwcIxezvaaMHEtcotBxN308mBm8DiCm-9tpOHUsa-AQ34H2mjcMJKBsPLzK1chrTOZ6QVq4pDsLV6ni0XVG7cjgw8le3U1ykxcc-VjqR9O7dsM7BLXfR7UCbnOwyeZiwoA0calH4jpjwzr-hGTrNsLFaSD56QIm9QDv075TOOSDmh9saxeNRbxUEmS_0rA1jcmSzHWyTKPD0qHuDYvSP1maDsheT1nb8tU1B1RpWRfyFHSomc5YRudIZZ046i11j8bou9KkZmuohK3rGnVd6r3zdsXzj0QExyU-hfZE5xNB_IRkl0bT2wswvP7PyUHZ_omEIFI7c9UXUcWixSC5-Jsr_KPh4dCZmSyH03Ut0DKyVUP8K-G53Wti2f6-PqhPDF3hA9saI1B1HLIRp85Q3e5sFMr4HJItpcQyTX3lJ7i_Sseajodnv3jtP2DKIsi3FeeYfvlZHNw6uu6pvGGSnSwBUxiMzz57_VbtRuq7dAzFxw1KAikJgepx_aW7YT92JhcWrV18JKP9WxNVWAzjqM79ark6CNWZu53cAnz2LsvYmwcZLBqPc7KRNPEtzQxbyNFTxem_gEEANTapBOx6MkCZzJXEFxS8Hxk2r9BzNzJwk2F29ME_an8h9hHDvc1SAZZ0elT08htVos3j4ZPhMGkIIBBI8AHKBCIOmfmKzbFOwU4l_hf-Oz7YJfJG3xwOI6WKkRIVKTZ9vvqAsTjSSrrK0rdWbycRcd36pFE2YcBB_GAFgAQ&cry=1

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:59 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWAuoHXBpfq5UDYMV8VBhq5QeIjSkUUs8Yu1iGQ5WApmPJeNDY&d=CokBAKAmf-A7Iw81zQh3Uil5Rq16f3gM15PMDcOGpVOWZPFAmBjp-1WTmJEe6squwWB68SHKIaVRHCW63pVz8zKQlRAVWvy_EMFmZ3_MupOcJf3KKGilpR4VqJGYJpYyguWJh-kcS6UzC5av0cLMzPqkimMnd9FiWNvFInQv5ufF-wdnEeyiUGml9CsSmRUAoCZ_4GMenl_muc2MyrPEexbl4srq8ciHPhvdwBs9V7aNvnNW1kDOsI0GzBfPK8fPM2zqNvQ22Bwdoyl6x2BuF0UgxPs-Gtz98hWbcqlnLQcf5egdBYQdDU5cXpVIS2GqUbL2ZbPvuagb-mxjiqxwq8CSWJql0OM88IEr4GcHMvBwERpcbE-04BcN5BkOnvW-5GhX_5H7iQcL4TJNzsBjm3NEb28_pIRpkgYUnpjzFPXq6a28tss9OEBUGozN0F4E4AExkzJw_UJ7MxnbBlIxQ5t9R3ID0GXY83qAtT0TG7NkvRfDAeiGbO-yTvAjY7Vjj7AX6OAqQyXHMdjlABYGyvBtG_Eabp6YdaECYEoXZ_HAEp1Bh3sUUDp1yXa9d3XOsrmaRKpALEbVuZ-NGukdfGzYu8gjqWM7XyL0FWH3FsGzqIYQEx5BatN4JIbJf7LdYDBlIy_DJl_jTFZPVw6vIG98a32f4P945tvC8IaQk9xi8tnkbkq-uUVsUZ6arnmgMU-MiVP8dWh1GOpt6OcwG7tH6mrifNhPfnZoq7rfNSr-K3PDiO3AxiSWlvVSP7SudLNYOA1q9XYpncvGacsPaOMGmW4k6oYkvnFBvK8oTAC0FIiZP9Zp0iQ5vY2JDSvXpAnMnR6S8AiZpBBS6ppZb6tLA68PM6C1OC-MvMKtH3Uj5xTTZL039zwrsn7AASivKhxWZGzX-xlRJnvjz1c-FOBhl-Gx6JCiSmnKguv2ggwBMc8boOOYabs8PUCNmERXoNv371zduINnaxqNwAFDGWCUQ5YlxdbrFyTa3TWRXs1o9HySWu08oe0FZZ5SuS2j7U3KFIjAz8v-iclUlQlRbRjiksZ77qoNaHVYgdH-OyiP9-VS8CaIlUwaC69w-cYKE_lPMqrkFVwj421H1xi5dJ7_tf1diHNFdHjzvmAG6ZTx2LT5MqQdGDOWF3jXrX0vRKSeyugSXk99w1JGPFLCRRihZbkyfNRVqrFzmt5EK4eR0NaYRCQ5KAF4Gndn2gJ_6e-xz4bAmO5XH_CCw0vQzd_ldkfAd2aXOUbWnWU825GwwmTLx6iD-UB1CvdmkECT6SUJQyTH0OsL1xfeYC1n8dGb-pSpcElvAte7bLaMnfBlcEvUFzs-lhiXFrIrnimGNp6p0WMaI1gKF2mgxPiIHHByn5g1DSZZl1pP0oEIHlckHp8Jipz9CNqmZwvv1XrTOkKTdSemUJ-FeBSz4bM4sL-5Q_pJuWsEuTCsf829mMGcfNJR6HqHXL277L6hlooTFzrTTLW4BKpGRfTNTJ6poUShDiCvDjuKUZpc-_xbcC8MWrYU8Caz8Y0oMotXoGY_y7L5smGKE4WjTc6uLfm2TpoWXoRBUsJWzKvilEYT_cHvd12LCh1vTkJCBt85FAk24VhOmt65wvTAWhpYRAQ6s00gvn-rG1GuWM_hc7WNS5-HyB14rpqiUHSQj2Xlo-b7JkRpfHhjzN3Xx3quzB4fH5Jb8YcUmmNdULxUwqrBJscLAPQ4a-Ejsv2bYylB__g1lxAyHDO5KLu46CsRsIo0bLLuMOHQi0k1DXUrvUfAz1rsfGalA_F6Dj8oX7SGI13zB8WHx5fSMWyGRINkHQgw7WlwL7KFpSE1nYKxWXbUDdiZArqw9MstT8JBj-4LaavGZ2BF8w36ggD6AP7cJrQde1kx-2VtklIbPDQYgGBRvmfQBAK2lLN32Fxf_R-Y1dASZKUxBpoOh72YGxKH3v2cUIM0tStvD82VgRY--lPT7GsZXIulDcLsjd7GiNNjyfSWgwJ4Q6OD7VC-XFgRpxqFMsX22I2e85uBP3XxeDCtIDXiGFtV6EhrwBPw5RAVf_vlqHpPgjdKYP4d808Nv0tVmR7clZQbh2U7HkiKosEQmMmjahP4TISmwPJqx0NwZTJlxT332SIfjyuKWBqKsHtzL7IYlcfc8i9Ua6XwpeSRtn8Ld6x4zLhQqlWwmEczHulw8PRm1W2YK-sfP8mpWrAqIz3yLtUs8nt2n2O1wr6SxcefcnsSUe5b9UWnekEUwFyLNvbR4FGIsR1-UK_gJaGepo_P3V6WBPlqgKs1vmKUTFEoRP0RdEzFH95ecCgTqr24priE_72ZReCS69jx4HAWcY7C2q2cMKaNKnZ2NuA1JC9kXxscNjT69wrDhl9FrI2HEpmKd4V3NMWmBuaSIT-ql7WyF-o5f3djVQs6kJ-ozKj9V4RxS5Z5cbRfAJf0b2inI0VISxBQ5vaEKztE3HT83rqxHirAF3ht-L2nQTiax_RAPt1p5cryt_h5z9jUF97wxCU3zK8CS2CgnbuurAoi4uY4HtZ3VGbPnCyWybGp_8u-iZ2NAHCXU_YMUrIxEuxgYhRBKAXQ3y1LSE35fwRsIQh1SQFwku6s6zdv9e7Gutjda6F5JbfFtnPOiAxCl7kv1E73QG0d0-3qImyV8L_xwLgHK7JLERcnX3PKmZHqVxpRKfqN0kYROfOsWpEXZd49QdBrXk-a0H-9Cw8GiqDfrIvEEHJtvftu3kW4UbQLn7tknvqA0EFF0y9_LkDGnoXSPfvIZklyIXxgY5pftVU-i0wgnSm5qlqTI480rzC-W0PD3Yt0CvFUeTcvThwTwHs6-jbhMd0PFgFjM8RH164De4tQ6maMxH3-L3HCTU1uTlZ6DHMFnQrOnE6-UED2L_felusmhnQGHNwZvpgp9VqmZFw3CLkqV5_LEsI3etz1ZhvZQTz4we-XeemOK00mqHHEs0LQr0dOjsee7teLsCTPmwvbvSo4x9d7NHAut1exJfIRCqmbOxSwdPMB-cGmIsg0OFzTrMS9PFhuVK2UEfdEfj8IrDzRDTCslnZ2mMqw1B_Gz0OLtC0hY5YSBCVi5xGPo2i9rqJrFZ8T9q6GvfJ1z32fW4XQHKf-VFxr8IKeeE4cC8aMzIkm1kPI4YjOWcr5PBVGmJon12dHYwcIxezvaaMHEtcotBxN308mBm8DiCm-9tpOHUsa-AQ34H2mjcMJKBsPLzK1chrTOZ6QVq4pDsLV6ni0XVG7cjgw8le3U1ykxcc-VjqR9O7dsM7BLXfR7UCbnOwyeZiwoA0calH4jpjwzr-hGTrNsLFaSD56QIm9QDv075TOOSDmh9saxeNRbxUEmS_0rA1jcmSzHWyTKPD0qHuDYvSP1maDsheT1nb8tU1B1RpWRfyFHSomc5YRudIZZ046i11j8bou9KkZmuohK3rGnVd6r3zdsXzj0QExyU-hfZE5xNB_IRkl0bT2wswvP7PyUHZ_omEIFI7c9UXUcWixSC5-Jsr_KPh4dCZmSyH03Ut0DKyVUP8K-G53Wti2f6-PqhPDF3hA9saI1B1HLIRp85Q3e5sFMr4HJItpcQyTX3lJ7i_Sseajodnv3jtP2DKIsi3FeeYfvlZHNw6uu6pvGGSnSwBUxiMzz57_VbtRuq7dAzFxw1KAikJgepx_aW7YT92JhcWrV18JKP9WxNVWAzjqM79ark6CNWZu53cAnz2LsvYmwcZLBqPc7KRNPEtzQxbyNFTxem_gEEANTapBOx6MkCZzJXEFxS8Hxk2r9BzNzJwk2F29ME_an8h9hHDvc1SAZZ0elT08htVos3j4ZPhMGkIIBBI8AHKBCIOmfmKzbFOwU4l_hf-Oz7YJfJG3xwOI6WKkRIVKTZ9vvqAsTjSSrrK0rdWbycRcd36pFE2YcBB_GAFgAQ&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D309 91 KB
23 KB 33ms
33ms Script
application/javascript 2600:9000:2246:a800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 5071afda1ab6f09c39c5873ced3e225c.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23602123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 51VnQBQiSzpS8k4aXft5if6shts-0KzURtdhGAj9GFAKyLIO8rJAdg==

GET
H3 200 03032023-031222251-320_1200_v_1050x2340_2210-anf-lb468fd76-0bc2-4269-8a6a-a41f4b96aff9.png
s0.2mdn.net/4528404/ Frame 86DF 174 KB
174 KB 23ms
22ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031222251-320_1200_v_1050x2340_2210-anf-lb468fd76-0bc2-4269-8a6a-a41f4b96aff9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d2ea64feb90fec56aab7ae35078d8addd9033751386fdd52de2cab7bf87dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:17:15 GMT
x-content-type-options: nosniff
age: 41264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178134
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 08:17:15 GMT

GET
H3 200 03032023-031229407-320_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 86DF 55 KB
55 KB 38ms
38ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031229407-320_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2b86f468d5bf4d09d57039677a5b7aad9e9fc146b8d33e0686bbe7e0361c465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:28:45 GMT
x-content-type-options: nosniff
age: 18974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56185
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 14:28:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGcId,pingTime:-3,time:83,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFGi+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGcIf,pingTime:-6,time:85,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFGi+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:30%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF2F 0
20 B 62ms
61ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3eKlOlOTZNGNNZWd9u8P0s280A0AAAAAOAHgBAI&bg=!4-Cl4LTNAAaGYqkwpmI7ADkAdvg8Wl4g-zdp7NmKLCXEJRU0xS6ocf6EVPPdGtzjs-lPf9ZfZbfXv3l_aKRV2k5mqJTQc6mJdPYCAAAB6VIAAAAEaAEHmQMpC0QQ6CNCsd2H28bL9wjiyf_sRRgzk_bc7ceJ32BjP7NmjvPD7thkLR0edltQVhfpBmNsdxD_QKtXQByaQpFRCQnT4zEs7QDHRFiCjuSYOQrfKBG19fI80O-M-p-tqodlkAwMtXEG-38h5RFatsv6lLTO1xEFLWukrektapQ2oiy-FVdNNQ59vJq-R4SlrzD2hX9wdHOgwiZ1n5bpRFVQO0CmIyij9P1ogacbHDyDXiwRxgqoix2lcINqQivm8yGFa6HlzO2sNNhQQINEfLHvTw-fiGxe3u_dtzrrmZTvWl2KVQLjPDpejrDwJE5fHkyegfJ1-48meAOf50rv0CAfh6xisHtIKP_4dP5bLtpya3FGa3EIRM1Coq08RZIN_BkysiM9uhTguF_aX75ACzX_aytPkFZyZapu8YoqlEDBk5jlFuWRCJZPtL0Gc5foVYK8wljrqQnZKn0yCFXpzAurfD6fy_ovwQSRaKoNvTVt-a7RZO1tzSyhaKkwzzc9aQqyYRcODG4qoqLbtrX314G9k6HcDWEMusXZgrxScZiORAzeHM5vhqMgvckOUzQZd-N9N8TjlhALM_G1AMhmV3a-xpaRLIeEFXcQFDoVBrXdzI9GK3mhVeXAYLolIhKnp4ty_anZaA7-g9k85ZZX441oMKjkTKtyN9_W4oFFZbTE0AOAhWpVDL6zLFLvyc6u6kymqDG_tfomkHiO6wJLhHJNGv8PmF6-i3J-QLbMiWivPHUxUQBMKEWQAzg_F2QnpazGDxzVsleubu1moNiobv9FSBVbBuWwem-xPLnZ-RrBlTdhP1L_TlniH823odmf7WORLWe_oqS1Gqfu52XEkm8dPca1l9S925OJCwSRt7C54Zra18Cx7s5Mu82Mgm-m74cq6ZOe7aubPmLgH1gqzKtJSQjhYEsFBoMWoxiR0Dr_fC5_669-ornyBwjeJTqmlAvFTb0a9ERl6gRL7A-EtDukwMTbUMH85Nulw-NPY4NKiftR0Ay3YTtQC4xhAAfzMQM5GRSMhi4KfeorXUz29CeHPmxojEmHe_TZY83GqiJ-yZBrCAECjHb7GM0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGcIQ,pingTime:-2,time:122,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:451,beZ:452,mfA:455,cmA:456,inA:457,inZ:464,prA:465,prZ:473,si:480,poA:482,poZ:511,cmZ:511,mfZ:511,loA:535,loZ:539,ltA:572,ltZ:573%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B111~0%5D,as:%5B111~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:30,sinceFw:90,readyFired:false%7D&br=c
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DAA6 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 05:42:40 GMT
expires: Thu, 20 Jun 2024 05:42:40 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74EB 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9yVLFLCBg4sBEA8lGRyaPihCvoQk4T4J_Qg_rpPHIjctI-lapl7AdyKa4kXg9n3UL80kg1vlqDu3lLyihP5DXqqt40wjFoANnVojZd7KsQny2_KFKlzcX-LIvk8h2llVn9pUW77w41CsK&sai=AMfl-YR__yjXoy7Ueu93_lmD-th164YOg3J2BNbrSdcji0kF5jE1wCRexcVtP2Xyo6OksHPF-UZUEtaoNnFxXtZlMccF3Ao7ue9nrKVcnKvRW08lHXAkamas454fmJ4b&sig=Cg0ArKJSzDpNSh3H-1P3EAE&cid=CAQSPABygQiDOJGQf5GGzGUZj-KRHMPyvpWWURnkzgXadqnDJuETuT4-1wsplRwQoIzRD8MmDU2q-qOHlaEy2RgB&id=lidar2&mcvt=1018&p=153,1526,193,1567&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2966292975&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376698621&rpt=348&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 03032023-031222251-320_1200_v_1050x2340_2210-anf-lb468fd76-0bc2-4269-8a6a-a41f4b96aff9.png
s0.2mdn.net/4528404/ Frame 86DF 174 KB
174 KB 21ms
21ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031222251-320_1200_v_1050x2340_2210-anf-lb468fd76-0bc2-4269-8a6a-a41f4b96aff9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d2ea64feb90fec56aab7ae35078d8addd9033751386fdd52de2cab7bf87dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 08:17:15 GMT
x-content-type-options: nosniff
age: 41265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178134
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 08:17:15 GMT

GET
H3 200 1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js Show response
pagead2.googlesyndication.com/bg/ Frame DAA6 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1SSVsYZJr8uIwdDGCB28uEfJ_gMT-7RJhMj1JjXxEHA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 342514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14776
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 20:36:26 GMT

GET
H3 200 IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js Show response
pagead2.googlesyndication.com/bg/ Frame E195 38 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IQSFUkhUGxVfAIopecFKbiTYCckszFTcFsmN0yEW6wM.js

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:33:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14804
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:33:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcNP,pingTime:1,time:1253,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1071,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~970.250%5D%7D%7D,%7Bsl:i,t:182,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1071~100%5D,as:%5B1071~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:218,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18.266706-51196693,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:422%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGcNQ,pingTime:1,time:1254,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1072,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~970.250%5D%7D%7D,%7Bsl:i,t:182,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1072~100%5D,as:%5B1072~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:218,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18.266706-51196693,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:422%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8057 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 18B1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e045e2c7009c7b91aad30acc31dab15698f1ce3e7ad971b7e48fae5d8154137

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAA6 0
20 B 61ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfSPOO1OTZOieLtbt3wP2rLGoCgAAAAA4AeAEAg&bg=!_v2l_anNAAaGYqkwpmI7ADkAdvg8WjBIKTuYamlT2qy5kDSurDbOTxKPh8mqbSVeZfMdN6bWLzS3J1zcLtCdtgbsiFQIvS1SJTsCAAAA21IAAAADaAEHCgA5czxZqmL-tZzDSQ4bvp6p65ZLlb1foqg4BMw-A2QeIYaQn9rSGBdqwBs-eOONr46J4na9dr33XJJVmQM-uTky1hKPxufwzS4u-dkADs5SKbLF6iEaTjG8uCoy_1_UP0bJXj7nX7LQQK-Hfz30IYHAWLdnCG6gg9KjvzhMpc6SuY73zuvP_adrCnINp0nBQo62o-RC-c5yM83c-7wbheJqw55G04_deP8rbwuy69VBdlNqo41NmsYGVwYrd_-Y07MwG-h3WJZ2LWRoEUmROLatkJpZafaGqyjvQWkxoQiNuP9XmhE21tI4pIMs_O1T1AYrJxFMwb1Mn6ktshzI0wP-vcSv5o6MU8GUtsmj4jPkwX0afg149p0mGHn8rjUar1N83HuoGBFbWB1Z8XoVwOWxtmjdUi20hwToNz_maYyRQBZZfJBzZo2wdiMFVp9AXmRAP3FUWldE-M-dS9qQzrih68JZpIiWIjOGVILUIgSE0vUjUF7tpATWQoWcW2nTT5f1StotDssop8S68_Ma4tlI_PpHgieQPSsIDLWe4oAuvm-9IknAH32tyjyuu7TfUS2DKS5X4mjurMdqu_uL1Y1WFf4rvapjLPOsbcL4_1OzXRHqOeemwOSdz7acy7_mndm-u6WvEuzfSLcS-lYvJOe9_NhbT6m43MknKik6FexO5aN8eT4DWDf81kyRWTg3kARrlRmay1dRf__UeinLbu8ruXjz5QrNwBjaQdXNYBpbBcy-yAu8Y49Yl58XyuFloMJDEtD6D_O7edasm1zNBqRZlO7LEnFUa1k2bDs7qsu-f24RtETkFy57cf-RoQwq8_KxBh4cyGns_tYzV3HfVEOidCyuOZqhjlHY1vYdMb4Gplg0I_0avz8vZ_bmCVKQ6PCvyInwOupTR9qTNN4yo07JvJBST-D3r5zlEKM1eXnTVZBFCdnv6t5EKv1h-qLqqITfynrKesGilTeSEbvT7lTKBvokyXKwrRrrMrxMWFp5aUSzRhGe8FHvi6LVASvZ-W8Za6tu3koRsJ2qGCPanS0Ufz1r9c-kf2lo2-2s-TnzBqF4SweWU_ujKKHort1mwdM-fDUOpkxS-QQMfyEtEJI6NPDdhGnyaeaYLiVK1Talfx7Lm4HpUlXGqA0kT3N_pBt3MSd92J1zJyaK9540bUqxlDAw2W1VDiFMbuk

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 8057 43 B
445 B 300ms
294ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEAPszM0xivO_KdlcYKuF5WE&google_cver=1&google_push=ATf1kGMloZSKs4zkThmKyqQspgNl-Llk84Xfy0u0M5ibE0Id2q489krXboaAaq7KBTLG1OaeP_4Qf6NPFobJU5wOJay89BUTq8yF3B6KU22TKnSpyRRPXTvODQtlZcA2Ted258oVIuX9HlB_&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMloZSKs4zkThmKyqQspgNl-Llk84Xfy0u0M5ibE0Id2q489krXboaAaq7KBTLG1OaeP_4Qf6NPFobJU5wOJay89BUTq8yF3B6KU22TKnSpyRRPXTvODQtlZcA2Ted258oVIuX9HlB_%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7daebfd9fb0d914c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8057
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDLu4gvwFJkX3TuE3pCRgOw&google_cver=1&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm7ZeF4OJ_4hNPxFnRuqqRYeZQwx5DieUr46hhx4vtgH...

170 B
188 B

36ms
36ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm7ZeF4OJ_4hNPxFnRuqqRYeZQwx5DieUr46hhx4vtgHf71z10X6J2V1mXYW&google_hm=hmSTUzpULpZMOZcR6w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6493533A542E964C399711EBBLIS

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=ATf1kGM9dZEncPXSUsWOzETMcOJL89tqOROOQ1X53CzLAPCH1imGaXiPc4WQ_T2cj5rMK-EtUKM5nwuhvdtRMm7ZeF4OJ_4hNPxFnRuqqRYeZQwx5DieUr46hhx4vtgHf71z10X6J2V1mXYW&google_hm=hmSTUzpULpZMOZcR6w&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6493533A542E964C399711EBBLIS
date: Wed, 21 Jun 2023 19:45:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8057
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEHMFFqsX7aUkZs60piUGB0c&google_cver=1&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-bl2hzdXI...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-b...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-bl2hzdXIYZaqMQdb-9MqGweKsEG7o21HUGa2JByr2TqxhORamYG0iZwD8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=mKMCnS0TSx-K-nI0y_OMGQ&google_push=ATf1kGOnV4kQYaneGEtAnv53GPqRxTFaXT6i6MAkB56Z_0nTs6e_dLRYgdWyLAd-PNxWzh6CdTlugPkrHYZ8W-bl2hzdXIYZaqMQdb-9MqGweKsEG7o21HUGa2JByr2TqxhORamYG0iZwD8
access-control-allow-origin: *
date: Wed, 21 Jun 2023 19:45:00 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8057
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-9d839060-d945-49e1-957b-43491023b74d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DATf1kGMaktVj59irDPKjKQ33s...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRx...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRxy4tV54hK&google_hm=A52DkGDZRUnhlXtDSRAjt00

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ATf1kGMaktVj59irDPKjKQ33sxCOcppk3eRCbO5mBebQN7UFIJl4HXpZtjB-mF4WwL8KucZclbM5H7qramYbvx6wcdZdHFCn0tnn46M4chfZSUpKBcMOkmdf3haMS_8h-jAOMvRxy4tV54hK&google_hm=A52DkGDZRUnhlXtDSRAjt00
date: Wed, 21 Jun 2023 19:45:00 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d839060d94549e1957b43491023b74d003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8057
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEFU8PNWEihtaGJLtYNxMF3E&google_cver=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUduXRIBGIL5HRh-1qvz1h9_V8dUITznFO8CypoiTqrILVdyvcs_kwW610PelyUOTw0rED...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUdu...

170 B
188 B

33ms
33ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUduXRIBGIL5HRh-1qvz1h9_V8dUITznFO8CypoiTqrILVdyvcs_kwW610PelyUOTw0rEDn0WwrXpKwFpjsdmqZYe_ie2X7bDi7ko3UbzPh6kBHWvjaQ&gdpr=&gdpr_consent=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:45:00 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&mn_hm=MzMwMzc4Mjk4NzYyOTMwOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGPbs7lptaZBntgEKhEEib0PUduXRIBGIL5HRh-1qvz1h9_V8dUITznFO8CypoiTqrILVdyvcs_kwW610PelyUOTw0rEDn0WwrXpKwFpjsdmqZYe_ie2X7bDi7ko3UbzPh6kBHWvjaQ&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 21 Jun 2023 19:45:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 8057 0
44 B 41ms
38ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJc0IbaYyiVt-MbMrUbMjoM&google_cver=1&google_push=ATf1kGMISEH0yjhGXLX9AvOnGkkpMOs_7LRgvt7Fkwmwhz79aPBllr5cAF1Q2D3Hvq293q4wVzRI2Z382Yan1Je532HcOEswDy4EwZtaDBbmy7J17cMnbtRrMrtw9xJf8c6EgNVN2e24IsxG
Requested by: Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:59 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8057
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHfD0wyXe...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHf...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d7f616f9-f3ff-4aec-bba8-839d7ec071e0&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d7f616f9-f3ff-4aec-bba8-839d7ec071e0&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=d7f616f9-f3ff-4aec-bba8-839d7ec071e0&%%GOOGLE_PUSH_PAIR%%
date: Wed, 21 Jun 2023 19:45:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8057 0
12 B 32ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JuMefi-4ahJvpdO-sa6EelmAS_Di0UYzMVU-6TnsGYj75VJNJEw-0QpfY6avZ0F5wSVLtfSg

Requested by

Host: 186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
URL: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:45:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGcQl,time:587,type:e,im:%7Bpci:%7Btdr:521%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:587,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B576~0%5D,as:%5B576~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:208,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EB 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5502946254542&version=m202301230201&ct=76&x=1&cor=12523580099974610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C687 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3019666486459&version=m202301230201&ct=76&x=1&cor=14066248377912650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CDC3 0
54 B 438ms
437ms Ping
image/gif 2404:6800:4009:832::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lj64iq5f&c=2330846519118&slotId=1165423259559&qqid=CI3U7YWQ1f8CFaeEJwIdApwK_Q&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fb68e6b4c4cd4921e7448129c8daa4c3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4009:832::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 18B1 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvI4_HfM3VxgjU9pjKCyOyxNMvlFFztRwFscx4IUZsrfCbZnrklX9FAm9HMXQqnb0wk5m5yhrfgbS6off5ynosoAx8DsWuYiAhy8IAy67GHh8AguIiQK4JzAYFZSShgToaXGL3WFAQ1YHu&sai=AMfl-YSgfnDXWUeAhoNVv8iqtgFyfroepdm6wyTDK_5hGozAA_n2Xx-L3Wj9rxh3efO3QALfNQ_asdj19AzsL4EpgBUPJwBPjADBQ4h6M32U-vcRALKsEdOPwy4oWpTf&sig=Cg0ArKJSzIZP_bTr4FJ-EAE&cid=CAQSPABygQiDpn5is2xTsFOJf4X_js-2CXyRt8cDiOlipESFSk2fb76gLE40kq6ytK3Vm8nEXHd-qRRNmHAQfxgB&id=lidar2&mcvt=1000&p=153,33,753,193&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1502987301&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376699455&rpt=962&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18B1 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9223696430842&version=m202301230201&ct=76&x=1&cor=11402043905071204000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGd7g,pingTime:1,time:1636,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D,%7Bpiv:100,vs:i,r:,t:636%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B625~0%5D,as:%5B625~160.600%5D%7D%7D,%7Bsl:i,t:636,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGd7h,pingTime:1,time:1637,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D,%7Bpiv:100,vs:i,r:,t:636%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B625~0%5D,as:%5B625~160.600%5D%7D%7D,%7Bsl:i,t:636,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGd9M,pingTime:-10,time:1792,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687376699860%7C%7C77abc1317bc2649efa45058ce8e4ad40%7C%7C8623b242deb4313525321dba17b62725%7C%7Ccdc69ff84fbc0cbc86149288eecbd9a2%7C%7C71da0a2891db5d836ea386c292dda37c%7C%7C3199e8e547e62c0032e0c5192d93cd50%7C%7C474ab3f4e7f07ee9c02f980ccf0b03b8%7C%7C2cd2e790b4e225605935f45bb5dcee54%7C%7C1663701684,sca:%7Bspg:554ce6f0-f7a4-acf6-e706-66167dc6d35e%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:01 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 03032023-031229407-320_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png
s0.2mdn.net/4528404/ Frame 86DF 55 KB
55 KB 22ms
21ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/03032023-031229407-320_1200_720x610_stoerer-gbplusdd45da6a-b9ac-4a7c-9506-d902c6e1e866.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2b86f468d5bf4d09d57039677a5b7aad9e9fc146b8d33e0686bbe7e0361c465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4323423352959208367/index.html?e=69&leftOffset=0&topOffset=0&c=8g9c8rq3J7&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:28:45 GMT
x-content-type-options: nosniff
age: 18978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56185
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 11:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 14:28:45 GMT

GET
H2 200 dc_oe=ChMI0ZL0hZDV_wIVlY79Bx3SJg_aEAAYACCQvfdKQhMI1bPZhZDV_wIV8VqkBB1SxAfE;stragg=1;&timestamp=1687376703115;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 74EB 42 B
251 B 102ms
60ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0ZL0hZDV_wIVlY79Bx3SJg_aEAAYACCQvfdKQhMI1bPZhZDV_wIV8VqkBB1SxAfE;stragg=1;&timestamp=1687376703115;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je36e2&_p=769188532&cid=1493845771.1687376698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&sid=1687376697&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 196ms
196ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGdDw,pingTime:3,time:3636,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D,%7Bpiv:100,vs:i,r:,t:636%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:3000,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B625~0%5D,as:%5B625~160.600%5D%7D%7D,%7Bsl:i,t:636,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3000~100%5D,as:%5B3000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490,metricId:TAqUe1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:03 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGdPd,pingTime:5,time:5183,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~970.250%5D%7D%7D,%7Bsl:i,t:182,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18.266706-51196693,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:422%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:04 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame C687 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=554ce6f0-f7a4-acf6-e706-66167dc6d35e&tv=%7Bc:gcGdPe,pingTime:5,time:5184,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:24%7D,%7Bpiv:100,vs:i,r:,t:182%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B174~0%5D,as:%5B174~970.250%5D%7D%7D,%7Bsl:i,t:182,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C15%7C16*.1431402-70901275%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18.266706-51196693,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:26,sis:422%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:04 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 175ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGe9M,pingTime:5,time:5636,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D,%7Bpiv:100,vs:i,r:,t:636%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B625~0%5D,as:%5B625~160.600%5D%7D%7D,%7Bsl:i,t:636,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:05 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 18B1 43 B
215 B 174ms
174ms Image
image/gif 2600:1f13:800:7782:b239:61ed:349f:eca6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=266706&asId=6c2f6b0c-b063-c197-dec0-bfb13af5e5d0&tv=%7Bc:gcGe9M,pingTime:5,time:5636,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:29%7D,%7Bpiv:100,vs:i,r:,t:636%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B625~0%5D,as:%5B625~160.600%5D%7D%7D,%7Bsl:i,t:636,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:tHQwFt2+11%7C121%7C122%7C13%7C14%7C151%7C152%7C153%7C154%7C155%7C16.1431402-70901275%7C161%7C162%7C163%7C1641%7C1711%7C18*.266706-51196693%7C181,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:30,sis:490%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:b239:61ed:349f:eca6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:45:05 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ensonhaber.com/	1970-01-20 22:18:56	Name: _ga Value: GA1.1.1493845771.1687376698
.ensonhaber.com/	1970-01-20 14:52:32	Name: _gcl_au Value: 1.1.1047006101.1687376698
.criteo.com/	1970-01-20 22:04:32	Name: uid Value: c1344e20-193d-4fcc-b166-c38d4e73ba82
.doubleclick.net/	1970-01-20 12:43:00	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 14:52:32	Name: UserID1 Value: 7247227733972482202
.blismedia.com/	1970-01-20 21:28:36	Name: b Value: 6493533A542E964C399711EBBLIS
.pubmatic.com/	1970-01-20 12:44:23	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 14:52:32	Name: CMPS Value: 2189
.casalemedia.com/	1970-01-20 14:52:32	Name: CMPRO Value: 2189
.adform.net/	1970-01-20 13:26:08	Name: C Value: 1
.ensonhaber.com/	1970-01-20 22:04:32	Name: cto_bundle Value: F99rGV9mNnYlMkZUNlZHWjZUWEpxJTJGQlloSlpDSU5pZGd6cFhINjRwJTJGWXhpSzBZZjBqNnhtdmQ2emRUNiUyRjNZJTJCOWJ6enE5bVpUaUl0NnhySW95em9ZbDRMUVZQVUdwM0MlMkZSJTJGWjMlMkJvNkklMkJaMDdtMDliZDhnYlF0MnpkVmdxMmZNSnh1eDMlMkZhM3FlTCUyQmFFZTFnbWtUVVElMkIxV2FCbXclM0QlM0Q
.1rx.io/	1970-01-20 21:28:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9d839060-d945-49e1-957b-43491023b74d-003%22%7D
.pubmatic.com/	1970-01-20 21:28:32	Name: KADUSERCOOKIE Value: 13B945A4-B2DA-4A6B-88F4-532963C49AF2
.adform.net/	1970-01-20 14:09:20	Name: uid Value: 3327702947474590132
.casalemedia.com/	1970-01-20 21:28:32	Name: CMID Value: ZJNTOi1OBnE07BwZmdww5AAA
.adnxs.com/	1970-01-20 14:52:32	Name: uuid2 Value: 3040814300049457866
.targeting.unrulymedia.com/	1970-01-20 21:28:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9d839060-d945-49e1-957b-43491023b74d-003%22%7D
.3lift.com/	1970-01-20 14:52:32	Name: tluid Value: 1513505014243586190742
match.sharethrough.com/	1970-01-20 12:53:01	Name: AWSALBCORS Value: +QoI5pg9Hab/YHNLiPeIo0CzcEiAQcPW/0dG51IlEMvguuSpGmYWBkqW/+FsYFkZWLbnRNtfq6axZkWS8aBf6TgzpwlBXg9H3wrr1IM2f3sGIi5Rn+jMsq76mDk1
.media.net/	1970-01-20 21:28:32	Name: visitor-id Value: 3303782987629309000V10
.360yield.com/	1970-01-20 14:52:32	Name: tuuid Value: 98a3029d-2d13-4b1f-8afa-7234cbf38c19
.360yield.com/	1970-01-20 14:52:32	Name: tuuid_lu Value: 1687376699
.quantserve.com/	1970-01-20 14:52:32	Name: d Value: EBUBCQGkKYEA
.quantserve.com/	1970-01-20 22:13:11	Name: mc Value: 6493533b-14d92-056e2-5ad1a
.travelaudience.com/	1970-01-20 22:13:11	Name: _tracker Value: %7B%22UUID%22%3A%22A65A17B1-EDD2-4551-9F49-74628A5821B2%22%7D
.yahoo.com/	1970-01-20 21:28:54	Name: A3 Value: d=AQABBDtTk2QCEJiKYHWmD0TvOPX7-JuXspcFEgEBAQGklGSdZOAPyiMA_eMAAA&S=AQAAAus05iLSc7P7ZNgz-oWZmBA
.adnxs.com/	1970-01-20 14:52:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6ghM!o!]td!8i_iqf!oN/@E'zz<Z0QS%d4oCrE4([o)ch%9VdFuU/`%e8M<gOddOTD._*PlZ[C[-kX-A6??M
.yieldmo.com/	1970-01-20 21:28:32	Name: yieldmo_id Value: g6a1ef6414fcb797d194%7C1687376699158%7C0%7C
.analytics.yahoo.com/	1970-01-20 21:28:32	Name: IDSYNC Value: 18yx~2ccj
.doubleclick.net/	1970-01-20 22:04:32	Name: IDE Value: AHWqTUm8vro0gZUx-9kwkOtWGMrLyPF4iYAaKxob8EaMdBGr6Xnq0L9awD_qcjpAbkA
.ensonhaber.com/	1970-01-20 22:04:32	Name: __gads Value: ID=ddbef69e0909f016:T=1687376697:RT=1687376697:S=ALNI_MaGGmZhGNFNHDj_aurT-KHBoFmE5Q
.ensonhaber.com/	1970-01-20 22:04:32	Name: __gpi Value: UID=00000c57bd8cb802:T=1687376697:RT=1687376697:S=ALNI_MYdKSPTEoE_kt5pMgKatyX3WcU0jA
.ensonhaber.com/	1970-01-20 22:18:56	Name: _ga_3G92ST5T0Z Value: GS1.1.1687376697.1.0.1687376699.0.0.0
ads.travelaudience.com/	1970-01-20 22:13:11	Name: _tracker Value: %7B%22UUID%22%3A%22A65A17B1-EDD2-4551-9F49-74628A5821B2%22%7D
.turn.com/	1970-01-20 17:02:08	Name: uid Value: 3598002663648012884
.lijit.com/	1970-01-20 21:28:32	Name: ljt_reader Value: G2sBLGZHqkKHfr1kQ6Kf8Nqe
.media.net/	1970-01-20 13:03:06	Name: data-g Value: CAESEFU8PNWEihtaGJLtYNxMF3E~~3
.bidswitch.net/	1970-01-20 21:28:32	Name: tuuid Value: d7f616f9-f3ff-4aec-bba8-839d7ec071e0
.bidswitch.net/	1970-01-20 21:28:32	Name: c Value: 1687376700
.bidswitch.net/	1970-01-20 21:28:32	Name: tuuid_lu Value: 1687376700
.tribalfusion.com/	1970-01-20 14:52:32	Name: ANON_ID Value: aGnu7qoNIvapmVrCJIO0wSenjEoD43n7dHvSYZb89CWpiBXUbDUMb4oyV7oWEoSoShqlJeTOFZb1aSTM8ycwMug6nFZaE1KRWYjJTQIJtBr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

186a7396695e52aaa9b1541c807e6006.safeframe.googlesyndication.com
a.tribalfusion.com
accounts.google.com
ade.googlesyndication.com
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
api-stg.ensonhaber.com
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
cc.adingo.jp
cdn-ima.33across.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
csi.gstatic.com
d.turn.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ensonhaber.com
esp.rtbhouse.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
icdn.ensonhaber.com
image6.pubmatic.com
invstatic101.creativecdn.com
lh3.googleusercontent.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
pagead2.googlesyndication.com
r4---sn-4g5lznes.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
rtb.openx.net
s.ensonhaber.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
sync.teads.tv
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
www.ensonhaber.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.75.89.75
13.248.245.213
142.250.181.226
142.250.185.66
172.64.152.222
178.250.7.13
185.102.219.173
185.80.39.216
185.86.139.103
198.47.127.19
2.18.160.23
2001:4860:4802:32::36
2001:678:cb4:bbbb::13
202.241.208.55
2404:6800:4009:832::2003
2600:1f13:800:7782:b239:61ed:349f:eca6
2600:9000:2246:a800:8:48e:53c0:93a1
2606:4700:10::6816:3e4e
2606:4700:10::6816:3f4e
2606:4700::6811:190e
2606:4700::6812:18ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:10::9
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
3.71.149.231
3.77.213.116
34.96.105.8
34.96.70.87
35.156.175.114
35.186.253.211
35.190.0.66
35.190.39.111
35.71.131.137
37.157.6.254
37.252.171.84
46.228.174.117
52.196.178.144
52.208.62.81
52.51.35.255
54.229.165.108
63.251.14.60
64.233.184.157
72.34.250.75
85.114.159.118
009d4ceeb1168ae5d225f0898ba84f53743d9051b32b5a016bc7c867f32f0c5c
00f209e5346c214d363ba40bcb0d7dabfad704152bb606c4c9602e379bd42d0e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01e1caf58394f459b15a0754ea42341ff3c697adc5eb4c077f6d9af374654b0c
021cf1245ee9b2c32d5ca63156ffcadf9c17762dd3b4766974d2367af22451fc
0486d620f8c483ed0fa8b56edfef5799ede455138606b4392604174847199be2
05652fc485a0a46787ecd0c95c540804bc373c9a1c991be7c5faee3bbf364602
05ec57e3bf50c723dd83849e24de2ddd91ee49fb7c72c3a80e4061eb723cacde
07d52b76cecb08d6f2487da01d088f491815912f747bd22a86c4ecad988773f7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09c132ed9eade3d031fb0306442b70e5bc7440ef20e71e8b638b176273d428b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c89adc1d9f55ed6c6b5e08197fc7f57945efab6a1cf85e90af12db188ef55a9
0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c
102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61
10c2718b5a8f0a342627ce1e4da4ee9ab45fcc24cff760530da5a33d2db6cdf4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fc5122908ed58f8a0595d3c00f9202b406d774b2b6ecd834bfba408a374da
12bcad3deadc62829c01d1c4854713a237a74515c550c48b8cdab9e6e1bc9996
13cab061ea47f0fe6c3fd6b37e6728beb40dc447c3086aef9ba1132eb0df6490
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1779a5a5881e352daf3f2ad8a9f24f26fb53e72e20b811ff39283daef8cecc2b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18716a69ac05e85bcd36f171cf3517c6f86c48d2814cd715b8f212e1f93c845f
194389ab9980a87559925b668961beb1f6fd1328ffb6e44746562a6bac7ee91d
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
1b0c74e0def891648274b54d1778112df5644ba7d2796b0055a4982674b048d7
1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283
1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf
1c3621151837daa3bce1627ea17e5ef1140b0818e4e4a368e7b1bd6acba3d861
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d9371afc6689b1d8e6225b84c947c0501271e77cbd745b6f41de2a9f972e0fc
1f43af206870986a648b5db6570c0488ead3ab087202e82168e57a73af4b5124
2104855248541b155f008a2979c14a6e24d809c92ccc54dc16c98dd32116eb03
211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d
22792901a9b9e8a8ef1fe684b995d8c7f7719d5d5455601b3d7fc16e5fd50152
22aaf5db7b81ee519eda98142c7b0e1925610e8e1741ee1612a53050f5189ad4
22e58cc6dae9376b2dec5d6dea166b20eeced01f132d101e2a463fae69fb93e1
2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276e17bfb22e4bda39154fcf2fe17921a530e3b7c5697d92c09348e1ba60d042
27cb188f5924e222d5e8dfcfaed9898342e2ed84db24b8c7fe63878c0bb6f7af
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0a8c318709b662988173b2343311cff1342159884ea66bb2f6a98287ca916f
2d3ebc5963c3ba449fc6f11b2d5ac883abaf7dbc046ac7c1b267518e0ca5fa27
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
2e2ab3f79878bca67227a271db892287309b1725e347f8e8e2b48674e8ba2ab7
2f2688eeeeb6d99e09adc5d8aeea2963fe4034ca8f98f639f24dea4e0d0f7d16
304dd4d493daf5e649e45262aaef6f79a6c8d7b4ae92e0a667dff1d01f62aef2
309abe44eb60bb130df184f61f443953cd3fcbc5b909dd005ec72b3b15021c75
309ffc4a5d2e0324c7bceb15d0d55b338aed83baf200d44c57ac905e308537c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
345b7b8da6f10a856720fd05570e1caa0e745fded85e2e51d27bd7c2b6da2398
34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3
35a3e77e6c3daacec81193aa4a6c42c941b2db63f14ef430cb3f4fad6ef9a44c
36d4e628911d3dd84b7c3bea29635233d7d135a1ff87c2b866726b58bb2d53bb
371718a40620baf5e3c74e66c70aabb76d891fa9da3e4a03a4ad28c02c2c132a
37a212fb2c628bc823fd18ae7ad61eedc667d435d31c492d96fb7134bc4f76ca
3a1a47d73652bcc5b2be7cd02ffb055ac5a14d3424d949d1f9232a09d2720db0
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b
3dca347b9becce7012dee39dca357900eed261d9670f7d91043291d08bd6acbb
4116f43d89c55b91dcf8a230bfa9b79f6e822c81fcea3b5dfee56ebcfd479525
416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0
41a27147fbfef41f281db7f00102b2b4860422aae427740623a145892f477160
44390ffd4b53f31574a15edd86377376b061b7096ef0a5b1ff76da6dc4008ab6
44bd343862046968424f4d9db05d46c1e851bfca9c5005906894c157fde2473f
44e47e47c96c54501f577da9294014414a2f716ee0f6fa63a44f981be79337d2
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dde986d501f11f0aece25ea490512c34f0fdff0104a4858b61eacda34c107d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4faf3142cdda813fd09ea4661c647d35fa50f50672d30d010200a146514ea38c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586e363f37521dcbfcd7ba32cc2305081db89c33d632f9db1cb95a6eaf092031
591f162074260ac6023b651ca366de95961e8a97d9664067f2d19a721ddfe51d
592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ccea38999d65eabca4c084529ad89a02dc4322a2fe87f90e34e8c1e27dea9de
5d3a97eb0de0a03be74334808c5faad0ddb368de9dce18363702d500326f1a78
5dc695f2d98754cba6e3585ed02598993e0a0fa8060b6e06d5da7ca8331b9e1a
5e1cdfe90eff2980c4c74029ef8ffc0e12f52fb5ef8843e4d2d517977743175c
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300
642690da3a34058586de455c174c0ca0ac0cfe90621a06602a60fd94bd204218
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead
68c54025d4765832f03ef10c8468ca1d849ee429b51b4f264890e54ce27f66a2
6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018
6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
6e0350d0e48e854e67a6700821dbe51032a213ab2c2278276fb8185a690486c3
722206ff955bd15a9788711f8b98d32efc29167ad64807e4f8f2c8725912e673
73464bb51ab65eb6ba5ccba68ba6d1fdff481a2cf60fef317ab842dff82dbe42
74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f
768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1
7845a96e37c4be1ee2b39029b0c7ba443c68a74befff0e1cae63f5bb0b26c30a
79574e015175b8ea2f0366b354be78ae5be45c89150d0a42b7bfa6c9963dd5cf
79e880eb70bb163567b9337fdbe00d60ec72ab461410680793fb5a93060e02f9
7c19206c024726a36da0e04d60a41053c3151874c32953bb90c46e79a0908685
7c5a4091ad723f5a0ee361cb4ec5ce851d11ed195d220647fe3399e0fa9f570a
7d3322d52559907500ad5c9d5ade92451d23a919878d09f5dc24d2852d28bdac
7d652237f8e2a4a8d6db749b8f9be7ebde3372967fb4454887ccf380460c369f
7e045e2c7009c7b91aad30acc31dab15698f1ce3e7ad971b7e48fae5d8154137
7fcc05e8697e4fa1b9af99a987029133c782d8ad781d6251ea097cd2dfc5ee3e
7fde7e8b896df8fe336a78b6e5f02646f8fd2e4c222ead991e575aa6c40adc8e
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a
80d2ea64feb90fec56aab7ae35078d8addd9033751386fdd52de2cab7bf87dd6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
82175d09bb477c22ce052e59953a7451812852ce17ffe9fe04c4605ddba404bc
836b38cdbed3a29dc66669048e7c7f7588fbe2514f32b925a5f677e7c6722f36
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
88b1258dac80af1416de261b7b1ed0c629ba684d62b2217d6429c3c609c007d3
8ac6a88eb9da832c00ffd5bc8b154fc685f0c921e31d3e8e85e02f7d3aa6b6ff
8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33
8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9
8ff806bf9383a6b55d4d2efdf2718471a0ce75ed413b0339f161058aa0127107
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
94ae49560f98f2b978bc4a2f3edf6cf5b89a9e8a8d05e7e6c47f06275d1b4d04
95b028ab59d81f89133d24c26d059e5dae88bc484b8b8ab15eb45f58b1622344
95b3ed6ca635da95502a1f4b0a4e26939a306865e6e090e73eecf40fc3f23f24
96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88
9831f83935b357922faa3dba361edc179fbb0b052a3e2a5bcfde83b9f1b5c9a1
9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5
98ce235596c3042bd01d1609085f467f2d3630b54912434289bdf50c329d8c52
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99d004c037ff778a9c38146dddcc8a7669a0a5c433616614eea3333889a7349a
9a3a58738834d6debdc3f257a5775601741fe7ea062eb48c8eb02ee0ad601f20
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b145e2dca1c528fb118c91345db4cc7e6e9b421f42ae38d3cf8595d896c29f8
9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a
9de4631fb6802442e80c56133c419f2ce1d5979d17c33b421d5dec1d23468571
9df394ae90718afffcf854c7fc7be539e61ef94596fa266ccdaec2309e80e734
9eb9ed81998ce0973c185875c0b30b8bb4279f57cb64287508b1a0ab058afae5
9f64ec863dc1e51e44914578c1f351abb0f1440b49d784bd2c7de9ba02cc52a4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1f7724ef64a25174ce00e12b55284e5fc652f58ef84a46bb6719d234fdb1e8e
a2ef27cc26271047a232ed266899a6039c297742dca96a54af30a9f366638622
a3651aa6ca2a5b2c28ed8786d1bd68b22b013628b5f75d0e7972b3a205de8515
a45c7ca4b080d7ef5d3eb12b977e8d4d147831105e002ca62d973d3293e6f23a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dfaea55f9b110b7bf686a2b030074245b3ff95ed45c7d630015750cdeb1542
a615744c7dfb237db4c0ce46629d5298aae24d33f26495051f38801d7f5bc355
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a77553a2af901f7e36ed9a02bab6dcfc72f68b69de64642d5402753f100b0c9f
a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
ac546194565bbef33495adfd3072005ecb03e2563f484d0228435a8c4ac42f51
aced13c5cde18af20f9f6d8691609ddd5c748c18e0437e5e887a960977f5c73d
ad3c008ffe1d6ee338cd653dab842f7a2eced53f412799eda51d53193df6ec5e
ad79d7cb23cb884826766aecbff4c9a4a58b5570ce22a869d20ae2148b79ea9e
afc4fb5b9852031b885ceddc39b4c480a1c0387ccbdda6f37e88d0ba549b12b7
b05c53bea43812b44e419f33dc164c279d0ee87cb23084d657202bca8017bec8
b0b6c2ef65f2486f7be1c3b49a50e88ed2602d29d1f9ecb03ddd4e198c8e5910
b0c702669500e911ce14a464e4f6740a100d42fab12b675e71381dfc61edcf82
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bc671699d3846825ef343ce07104f81335c549a5278d232bbfaa5eac8beaf9
b31b08f5197d4bce6f97586010b2699dd3574d0b5dcb9735aa4b31ebf7a39b77
b364aa5ec35c70520296a6172a1d7963535eeb7f6b246f41cf66af5d315f1215
b57c9aa30eb75613091d6753b26caa6b3a56e24b7326ec4512a2ba17678def7d
b69dffaf33995a49770399ed1d4cb6188e76666a82b77259598c5855061c0a39
b7d079bf21e72c5449d5aa75a4916c4556a0fd2b02cadd2a93aa1d1529957722
bc0dabcc303935533038303de02f22154c590167ce6157e3da98a89e92f71991
bd0cba1a894b8a9bebd1394cfa675116713f9045497993f05291cd6a0b501f63
bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b
bd7a3a8e656c26cb9c13f54bcf073acb42166a7bc7870ef042c67c23ddf72162
bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed
c008f1ad405904149f18ba88f2cd7c41f6ec05957f6beee4205ad6430c4aa0a0
c0a178d32dec8463bfaf9de03961359d840aa5ac83259bb2071e2dc738bb80c6
c0be148114a45b6d493239cf3635ff69c520807377ff47736352e8bfc189de41
c17cf0e01b410087dbe8dc19706c995f4d3b246e64e1db192138dd6fe826cc4b
c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f
c49acbce18de283ee4d071ecb179378db91393dbf7ac081da6c321f866eed7b8
c4db144321efbe62d33923077d356ee2fdc097848ebba3f1e1396027122b2d48
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
cb20f9a12a04a834c1c1d0c4a6c41b7662b3e3972c4400c477ed82769d1ec8fe
cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25
cc9c4bea5abddf9fa6eeb1e26466840f03ce14a936227548b912b09719c9588b
cfbabf04d783b723e9c15105bdfff839a1797ad79832379301852bfe9057416a
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d51f301915e6aec64491e8db5c39fca3fd7d4fffc6167b9a4794b129d3d0d4ea
d52495b18649afcb88c1d0c6081dbcb847c9fe0313fbb44984c8f52635f11070
d619b2381851b2fa0a8f1dc881bd9d3353b1bf55a06b3f3e2abb08320de017a8
d6957fa04d9ff15045ccdf619c466e62df75f2d3199ce90989d8f1ac7a080402
da22de2c7e022940533116aa1297bbfd3d41016ef5865ef58a5a660d536cfb4e
db14f5793d357dcf51166ba19a5b233cc9d9bbcc059f160e2f0069b23441dca1
db8b02e27648c8923b73cb3b9582718641e079897b7bfd4b32e74786e8565200
dbfb1ffbe141afce3b582141149a90f5b74178e71ed93832ee4038716220573d
dd858db7dc517b76bdf1068076f0ff5694a8d2138d1bdebe2b37fb8a5c8ae689
df246227bbbca5b52c349ce280e7a5ec45ca7b2347c9208b8152790acaf282c1
e0629562dc06b2c5e35f1383e92658661b66856268dedb75bef3890b2bd47a8f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d250710905b1e58c752cfcb0b3a1f35623fd5b86764fbf9e8b0b0392f2ca32
e4e11447f7fce2c1b2b3b2c9dbba2e5e5e7e8583cd266c63dab718aed32963a2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e640de2990578286e33962bf2671c5f3018b57e8ecd9b277e8e7f799af6775e9
e70a6f1fa850e8189757f6719d62519e7b48226089bb46925bbd0f2074cf13d3
e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979
eda8f2817f63788e1b2bdbd7515cc6a1ab84f81bcca67055bd9f515282db0e8a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7461c0051b325805c887adc6357a464dae3efad3720214b91799a501afb62c
f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2091cf995fc533dc55280f08dd7145512f4362a849b749227d02d97643ae695
f2a29dd07eaba315bb36e1e3ba38f8a025f455222688f0630b375dd4ac2f3ddc
f2b5209de1b6f1d7e95372f59a083f530ca527934163f1689b1a2c014d6dafbc
f2b86f468d5bf4d09d57039677a5b7aad9e9fc146b8d33e0686bbe7e0361c465
f46dc68f822878f6f594f75a64304ca194242e311d56e743e2506c7f74777786
f708984e243cb3b26317aafd035c76be771dfb9fbca75e4d1787d1d4700e5b52
f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e
f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea
f989066757a82b34734e6ba6823770f5f1b0f3da11595bf1cb846a91c602ec07
f9c22b1c52421d79788e5590f0b33e9847080e119b367d23f7a3ab8fc793d986
fb0e8e164f8f994c3be7045bd8eb86334380d96b47561956b046592d145d755a
fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3
feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441

www.ensonhaber.com Open in urlscan Pro 185.102.219.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

88 %HTTPS

49 %IPv6

47 Domains

69 Subdomains

50 IPs

9 Countries

5808 kBTransfer

10954 kBSize

41 Cookies

22 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 56 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ensonhaber.com Open in urlscan Pro
185.102.219.173 Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

88 %
HTTPS

49 %
IPv6

47
Domains

69
Subdomains

50
IPs

9
Countries

5808 kB
Transfer

10954 kB
Size

41
Cookies

323 HTTP transactions
56 data transactions