www.ensonhaber.com Open in urlscan Pro
89.187.169.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ensonhaber.com/
Effective URL:
https://www.ensonhaber.com/
Submission: On June 21 via api (June 21st 2023, 7:44:28 pm UTC) from DE — Scanned from DE

Summary HTTP 297 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 35 domains to perform 297 HTTP transactions. The main IP is 89.187.169.43, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.ensonhaber.com. The Cisco Umbrella rank of the primary domain is 147427.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on March 31st 2023. Valid for: a year.

This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 77	2606:4700:10:... 2606:4700:10::6816:3e4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	89.187.169.43 89.187.169.43	60068 (CDN77 ^_^) (CDN77 ^_^)
9	2606:4700:10:... 2606:4700:10::ac43:28c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 7	52.17.92.218 52.17.92.218	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
12	2600:9000:224... 2600:9000:2246:b600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2600:1f18:1ac... 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.213.231.241 52.213.231.241	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
3 3	3.121.106.141 3.121.106.141	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	54.76.254.97 54.76.254.97	16509 (AMAZON-02) (AMAZON-02)
1	52.29.94.107 52.29.94.107	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
297	39

77 2606:4700:10::6816:3e4e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.187.169.43 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-43.cdn77.com

www.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::ac43:28c4 (United States)

ASN13335 (CLOUDFLARENET, US)

s.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-stg.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.17.92.218 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-92-218.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2246:b600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.231.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-231-241.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Grenzach-Wyhlen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.106.141 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-106-141.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.254.97 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-254-97.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.94.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-107.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	ensonhaber.com 1 redirects ensonhaber.com — Cisco Umbrella Rank: 102678 www.ensonhaber.com — Cisco Umbrella Rank: 147427 s.ensonhaber.com — Cisco Umbrella Rank: 259491 icdn.ensonhaber.com — Cisco Umbrella Rank: 153780 api-stg.ensonhaber.com — Cisco Umbrella Rank: 236648	2 MB
77	googlesyndication.com 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	441 KB
49	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	388 KB
37	adsafeprotected.com 4 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 957 pixel.adsafeprotected.com — Cisco Umbrella Rank: 745 static.adsafeprotected.com — Cisco Umbrella Rank: 628 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	379 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	367 KB
8	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 59 adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	80 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	279 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 785	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	2 KB
3	gstatic.com www.gstatic.com	15 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 822	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	733 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 340	760 B
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86462	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1404	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 492	418 B
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	314 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	310 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	146 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 434	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1487	747 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 572	364 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 689	641 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 933	761 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	577 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11611	60 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4835	455 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 3582	4 KB
297	35

	Domain	Requested by
47	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com www.ensonhaber.com
44	icdn.ensonhaber.com	www.ensonhaber.com
40	s.ensonhaber.com	www.ensonhaber.com s.ensonhaber.com
24	tpc.googlesyndication.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.ensonhaber.com googleads.g.doubleclick.net
19	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
18	dt.adsafeprotected.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
12	static.adsafeprotected.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com srcdoc static.adsafeprotected.com
12	s0.2mdn.net	www.ensonhaber.com s0.2mdn.net
11	googleads.g.doubleclick.net	www.googletagmanager.com 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com pagead2.googlesyndication.com www.ensonhaber.com
11	securepubads.g.doubleclick.net	www.ensonhaber.com securepubads.g.doubleclick.net
8	googleads4.g.doubleclick.net	www.ensonhaber.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	fw.adsafeprotected.com	3 redirects www.ensonhaber.com 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
6	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com www.ensonhaber.com
5	www.ensonhaber.com	s.ensonhaber.com www.ensonhaber.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects www.ensonhaber.com tpc.googlesyndication.com 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	www.gstatic.com	www.ensonhaber.com 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	skydeutschland.demdex.net	1 redirects 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
2	fonts.googleapis.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com www.ensonhaber.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	www.ensonhaber.com www.googletagmanager.com
2	accounts.google.com	www.ensonhaber.com accounts.google.com
1	id5-sync.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
1	sync.inmobi.com	1 redirects
1	match.sharethrough.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
1	ads.yieldmo.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	m.exactag.com	98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	pixel.adsafeprotected.com	1 redirects
1	mug.criteo.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	www.google.de	www.ensonhaber.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	api-stg.ensonhaber.com	s.ensonhaber.com
1	ensonhaber.com	1 redirects
297	50

This site contains links to these domains. Also see Links.

Domain
videonuz.ensonhaber.com
ensonhaber.me
www.youtube.com
wa.me
youtu.be
t.me
twitter.com
www.instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
*.ensonhaber.com RapidSSL TLS RSA CA G1	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: A901D9F9C53BA3904B59778E69376B69
Requests: 125 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95FA62178CCE5C8566093FA11175B451
Requests: 1 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C7E3AE832EED82E39D74D5EBBE682E3
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNUittQhYEzOffr20VJ4GoZb0-SQemQqRtRXZMU2MFQddqeute-PZ2-U0EOO2sG4Jtts2oVKpbmmSwMlVm53dNA1qu3y49EVxO3nqz5aQkQNwO9fw9bjWluoSDL8i1JCsKe8vlbORJ-opuhZhQGu2XgPuHHIuoJ6rXSPtlgxzDWvk4nicKS6iU3wgKovfLcAmBVpv2HB
Frame ID: C0D7EFAD95889F7F38825A1F5CFF33EB
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com
Frame ID: 16BAE695E613CE6D0FD1A7F0447556DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD118B6804F330E26A1C60EB71BB3878
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D80B00A453B21B2835D790E7620F834
Requests: 2 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39CD3A0BE6688400D0332217A4CE7D40
Requests: 26 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BCA06C9B340013E16CF9EFA6AA556696
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQv4LBARik05rsATAB&v=APEucNWArWBkZm27tzmNX3AzW2uXjON1gZOZElTnvhx6DJgEqLzCfu95fRdI4l1GEwTX8yblARg0m6tqbWDWakwq4X3Z7QjircvDNOVEJjWaADrJLZqhlbxCOPeEY_6dZbZx6_m6WX-RzqYJjCMGOdM295a84Aq2VZ5VoFuHbeo00I4ek9-DK24aO3IOCBKm29n_ogoi1Ml8
Frame ID: 2CD1822931B2634F579A5812FD2405EC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3DB3B0F1AE83B308E80A42E80452925C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX
Frame ID: 384D024A5BE1786A4A0CE0A8C8BB4431
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5040575257582014076/CbV_EX90_DE_970x250/index.html?ev=01_250
Frame ID: C2A0F3892B537388DA4561B3A3DB846E
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DA13D33506B935866A392CD69817FCCF
Requests: 1 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4812C74AFB911CDBEB68B887BC63BA7F
Requests: 5 HTTP requests in this frame

Frame: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 129A86339B6BE3A3A69E76A48EBA95C6
Requests: 27 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EC1833775371F5BF78D422251BF2587A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DF4804A4A7F7EBA32FFB4F11995F233D
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0EA2C5A4EA3A4AD4373B6A7EBD5C2B15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWWWU28HPLTb_LeVQOP73_hyb62TwvRahDtTRD97NyxNmUYGkJZ70f1HCK518h4IVHglronebeD8I9nsA5yQuE6ADY0DEYmldTgrJr5xlMa6XO4m-ceGCXHF0K89XhXwp1FPuVoWq5AVs0ZDnmdKOwDTqCVf3sJb8xvZmR7cS0v4iWFry6c8Ox3L79Miybs9gGd2NIi
Frame ID: DE1E46201414335506092A90787F720F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68FA8ACE79CADDB684913EE98E79FBBB
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_970x250.js
Frame ID: FBB9794DA4D7BC08AEA5A1D523922091
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
Frame ID: E1382EB228D8C1379E05FF2D0BFF5E06
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66FF69094B74A5B38C9EC0D26C80FBD0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8A0288D020153AD9977B07F56EBC2263
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 613BC242C08BBBA4358FBA01406CD5F4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 218635EC960DB54C64EAD763B0672A81
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
Frame ID: 0E126E93B1989131ACAF341377F0252E
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CCA74A396A319A5EC371040F6143D8C0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_970x250.js
Frame ID: 5CCC14CC8956A59B7332AB16FEACCD59
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ensonhaber – Son Dakika Haber, Güncel Haberler

Page URL History Show full URLs

https://ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

297
Requests

92 %
HTTPS

46 %
IPv6

35
Domains

50
Subdomains

39
IPs

8
Countries

3785 kB
Transfer

8584 kB
Size

40
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://videonuz.ensonhaber.com/
Title: VİDEO

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/v5
Title: bitexen

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12o
Title: Halkbank Parafly

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12h
Title: İHH Kurban

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/12z
Title: Veni Vidi Göz Mayıs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZHf28-BG2Pz-UFqYJiZBeg

Search URL Search Domain Scan URL

URL: https://wa.me/905333782000

Search URL Search Domain Scan URL

URL: https://youtu.be/2vnzyTtec4w
Title: Sinan Akçıl: İleride Türk gençliğini temsil etmek için siyasete atılabilirim

Search URL Search Domain Scan URL

URL: https://youtu.be/ek6JvpUIAAU
Title: Cumhurbaşkanı Erdoğan Ak Parti Grup Toplantısı'nda konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/YweY1muIdh8
Title: Sevda Türküsev ve Miyase İlknur arasında Kılıçdaroğlu tartışması: Yayını terk etti

Search URL Search Domain Scan URL

URL: https://youtu.be/d35_kl9UFlc
Title: Ekonomi nereye gidiyor? - Faizler ne olacak? - Dolar düşecek mi?

Search URL Search Domain Scan URL

URL: https://youtu.be/rtUGIfs4f70
Title: Kılıçdaroğlu partisinin TBMM Grup Toplantısı'nda konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/eIaGVxwBcIc
Title: Devlet Bahçeli MHP grup toplantısında konuştu

Search URL Search Domain Scan URL

URL: https://youtu.be/k9zMlAVwr_A
Title: Kapıdaki tehlike: Kızamık

Search URL Search Domain Scan URL

URL: https://youtu.be/dzSwDTM60YM
Title: Muhalefette sular durulmuyor

Search URL Search Domain Scan URL

URL: https://youtu.be/2qKTVdu9oDI
Title: MKYK'nın ana gündemi deprem bölgesiydi

Search URL Search Domain Scan URL

URL: https://youtu.be/xt9IfnEEGas
Title: Cumhurbaşkanı Erdoğan: Enflasyonu tekrar tek haneli rakamlara düşüreceğiz

Search URL Search Domain Scan URL

URL: https://youtu.be/wSuIa-cY3Ro
Title: Caddebostan'da sorduk: CHP'nin yeni genel başkanı kim olmalı?

Search URL Search Domain Scan URL

URL: https://t.me/ensonhaber
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/ensonhaber
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ensonhaber/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ensonhaber
Title: Facebook

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTE988aGjkSbfY1GtEaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

Request Chain 138

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZekXAnxpbWZ6ZmFUMFYzT3d4ZWxObmdFTFA0SWRzRGNVTHdTellWMFovTlZqQi9aT2YwL2dWZlNTTmdoblc5YXNpV01KMnB4emk3TEFKMzVTY1NEbTdUL2VGYUdUV1ZhcGwyYVU4R2ZiWDU2VWZTTGFYM29Gd01BRi9sckkxV09HbXUyUk1vaVBIT1FTUzNjY0h5ckhieXlpNFBET1VQQUlmWXRMS2VFeWJQQ2E5Qm93SlZCWjgyNERXb2QxY1U1MGtCa1FUeDFOM09zbGs0RktJbUN0V2tUK09iZHhVK2dmckoyR21WL05Rd25xMzFETk1CRndxWm9aYk56OStpdnNlQXUzT3F2a2hUWGxUV09yRmIwRVpHZ1RYZz09fA&cppv=2

Request Chain 165

https://pixel.adsafeprotected.com/rfw/st/1427322/71304158/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1012364583&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20143734131&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hk12olv3t49ejy-qFpqy_0 HTTP 302
https://static.adsafeprotected.com/skeleton.gif

Request Chain 172

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

Request Chain 173

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTE988aGjkSbfY1GtEaQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

Request Chain 175

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

Request Chain 176

https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20014135396&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jQ-ts6wcj1w_8-TAwy_LP6&adContainerId=brand_safety_E1OTZM7LHsS1-gbhuaPYCg&cbFunctionName=goog_wrapCb_E1OTZM7LHsS1-gbhuaPYCg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9957c9e5-171b-6ed7-b70b-f811616929c7,c:gcG2kW,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5958d7d477-49zqh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:18,mot:0,app:0,maw:0,fm:tHQwvjb+11%7C12*.1431402-70901275%7C121%7C122%7C123%7C13%7C141%7C15%7C161%7C171,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:75,oid:039e1cb5-106c-11ee-8e71-ce12cad18918,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdORGaOQPj4n5PTfqksF3o&google_cver=1

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEHtN1HVpC7y2g4S27CUsIwU&google_cver=1

Request Chain 208

https://fw.adsafeprotected.com/rfw/bgd/1316115/71738579/xbbe/creative/adj?p=APEucNWy33QpoBKMg8wisveLpI8BY0xlwURr7Z8p-seuNdqQsl3uxj8&d=CokBAKAmf-Ab0VXXUMNgUR8ngurxlKf_5SoTJF_ZuU4hqa6rSCr_kqQMdG74aRsolQhjB4SL3nZkloTUCy07PjOn2gsllfppFAWMZoGy2aKUAvLWV0KWsovsihffp0x6FDAKlcgddu8vvvFWkj7hiuMGNhKq5g23fQF8BD6MbddMcdjErqql4T7lBugSuRUAoCZ_4Jyv3eub9s8pDUmN0iLeyEmNXmpCqez9A_6YOPVnLVzK5OWcFbZLOkAHcJ_xMsbbybdQnDcrRA9pwsy-nOVn1Wvb6fScxy0ftkh2UAay147ent5XbFR5BU_QPh6rsYm7pcW30UYeL277UE9hB1W8a33O97uz_wXqaXZlBr45_bL-pE9gNNcFIb61HbI_LCFJrLojEdpCo3ESTc30opezgCTQudKDv20-imld4qoWtru_yHHM3o1Oc9p_1BED5EMF94VCKolvfqXH4UgKDPzyhkrryCvMEMocQfcV6libpIHKFaqDUrATMWxptu5cdMtARrGsMWzaRuCEQG0GPC-M_hbRHk5p9gkQsoLHTtb2xTfM6upKCv0edp2h9D3mDJ2NAXH2Q0L8ENiYRg_F7VLn7R2nBHFRTHEx6PDvbxYnh4AGzst4faIZhlwlEnABCkcn2kFItF0LwDXYe4Rww_Kd49mp3rwtf-9xiFYRcCvpCoebt88p2eZF8m0wgJJ8kYdeZ7KU9zCd6sJ7ETathbpDpm2XyK_NCocKwqwm8iaJvbbdwla-zQt9rcc06g6U09WreimK11rjMeRQC-TU0vfs0AR6opQ72P4g6Vpe7P3IDTGbTECj4ml-zbgBiusqzLgLmIsSxTbIks9RbxXfliDQwZIPM8hwJbzdJa2ON5IpIJSG05i9QfUAPnDLaLXVNDmLrllsjKLQNg3xMen8cVYw-Qoe41py7Bq2a0FU63pUTi7J5tk0E_UiQgRQRSu85Tvx6WBj8p6DsUiqbAc_S0ma8uptlPwpTGxFIqvWQnVWAm28Z-bAFhtvbtXHVQtWeCZBIZKY1p5zA2gpbttCncz0RGVNyldrzmewfU1Cumo2tLaMFbgb1Ct93EVVhFjTjkzMBg6a7KvMmfV6t_LzRIgFogSCJt-yBaF7Bm8B_mHHezqPJ_8rKFucyWvlwWKQ_1XB1Uqxy1Z87S9n1xcU4vQ3q_l5coKylwuzocwthDTlJfS8Nm3k7_aM12n9oARVhZR50ohkvETN2YJJfA3qbubhe4WgLJiPXybo5DDYxU31_k3A0O2PTNSstpSXis1IRItl5OiVrnJ4XfMNcjyvEm4Ypj07W-rOO0JR95xcBcv4kwub60-7fRl2FEWxNCq23G9KO8v5ukDms_KpDdAbbGsVWMRsCZ3rnpPXFgfCisk9nM53tfzuJriRl4e9_4M_qTmBe7-Tj__9xdaWykx0ITU9sw5FL6buFgZbZjd4O3x9VZHJlzH1L5VLbCAf2k3zNZGQUo0VWHpd2wGv37KrDN7TR7-9UNpSUFecqYD65W5Z9E2ShTG8IM7I2ahHgd848tcasBg8Iv91JCt2CdpgO86k1n06Lq_pBDjv8xFDPQgafXG6pSqdbUCtzzR6jCw7eJGuc1hQ7I_6peNQJLHCYvxsmu8HW8I08ajAeMYycN859GJZjb_kHDxH8b4h5_K_3RP5taCjQrlyfl5sLSSSdm4r_X508iCZX3xCDrYY2ywDqocDFLYe49VlRethgtnDHnyc6aXwl-28-eL6BAn5V9e1tVea6efNt4bTgMN_IYGsMJ1cNMi9QVybHbqm2DmIyUHG9stzo0wx1NOPnsRWiSsE5H84FFm_zE038iLW7BCc7LxPynBIsrb1KN3Y9ybTL1a3iyfieKgDJcgl_jGVOCoftsJO-rY_y2iCOIg9sq61qTZb1hjVAIFxwVD1-MuNO5A19FuMYbBv_Ijwc7kK48xr-WBSuyV_9z07lvHmhSL_0nUNtFwp3SUEaIDQ0KkYPXR-lHvIHPrNADDyBXl_T1Daa8mys06AukrJ0BLkNYYcP7JbmeONu6Dfwy0riiMmvtfWGzdrBZcEVcKi3xdl4LmHr_xYsr0CVGg-swNzcMG8BPiPiutVUGfP4HT_x6sr-8gMqtaYdUe1cdXhVxLyNnSD444AKZSMI9PIRK6Rcm_utVDrqpyQJ9uj9ex1lciHOBKCNew3Xr9PdKjavxZ6CSig0DM7HcynT88rKEbCbrUcxfZj5KsvLqceMGSUenkeHRaOucPThI4xYeTZvQSq4Pz2E-DzL1pMIr-7YgquRVejUqNGzWr8UqbZARTqa-el7W5I8h-mCRt-THxVFLQBbvD6wyu9PjgJeJhDbZ5QswLpe8VJUwk_0gqrg9uJQz8M7oQhf4GSTwpvAPAsS6UiRicT8SLL2KSNyx5p6au2S8YiFk6wcMjsF5RQLcSbYVpNMTIysYQEKIDfklp8Yrriu0BdUC4_B2OIsJ-kQqdESo6z8VoVTxPUzkyXv_lU0u6fc4De6ll5hemh9vGBnKMcMl78FFigbEjrA-cfFf4XPuJB8e3k9H0Gjya61CEH_WPniGDyanSeqJkhdpq4gHxO1aMGiGe6fWWZCO_7ineWDL4IY5nvXv7_7B5eg4N7RoD2AW1tvp5F-QXck7DGA_lx3JjXMAchfQSbhNS5j379eNj_ddsIOl5jV6TdvImr8EXnBcvVWtsvmFf6OH3UExyTBslWMgDlvmCBybJKIrTLe8M3ZmagvYLh2-zZu-jLDNRBsBykBHuP62VgXsu85ie4CXCnczZszJ09n7Tz14LRbbvLMSCNsHSu7fm2TooZdsx-nzgqeKge-B9EC7UEDTWN_WpElizJyLGtWKQdlnp9vEBspH-LSskBstGaNiBUqc6-uzVsIFysQC5gLtQCfYKkSeZqfkVsS40nvu68SpVEz12lkbsIF7XHv33iIwRCwg8oadr1QNsTy28Ec1BhcryFySV0Y4018NBNaNTrZWl1raPLJhMzenmJedYUv5ntrfiTb5n3HdgP384_VXhksGiCNFDoHD8LKtQA8knGqZA7wBPHrFhnweVoEZRtaJ5mVRwozDJ-Trsge0sgLGfbY2fW1OY8wNgcEnDGICx2-h1zykNd7ElzgEGt-uSsnHUug0vhC7MP6eaiXWLTLDdqetXSkIbu91B8-ukXxKc9hPdfhZ7rT9fkJzP-43NkKbB6_bjgye_W2LWw3QcTXfVjCFJRZgA2o0oIwuQpWEY-KvuMOZas_WSGXqytmrBf0_adO8f1fFS20GyIutsi9pRxxhhwoM2s44lpTlgF0vGL0Pd-Y3J59Y-mmzV4kU1xgS6RuEkN2kbXAkG-Evl8QEXWWxDRudJtpwFrXOF3AK-ZfilyzxsubN6eCp3bHK4O1bXVAiSyo-uJbtZ8BSXCcj7fiwOwTs4BCbuodPGBwNyoL5X_xhu6-hHA-8Mo-aXl-odxtCINfmlTlczpuoLD9IWQxJAeyB25fDfvwsR_EtgI4Gca4tGVOBLKABqKDXc3fIjWtC0aRQNKnB06RsS8cA5uRP-wGRP3ziXFopgD2Ls4un2lFvU_yowhovvDBnh5_QvJoXDWNmuLqx-KH56BG2zKhWxw4u62Wpogq9V9RPYI-rq2pRIcxNiI8azB2-IWm2G7WTp1-LSfPZEz7m1p76kCvq-hL_eYBIqFWIayPskghiAnD-6cfpA-0NFBiqlK4nBeUPxthgBaSinuHdCnuMImrNumMzIa2iuBoBo0lsld7d2BS5LwmNoY0KXXuQDve75Vm8kNSasa1pdYBesoExbZmInGhlnceQdx92XMSeM3dLYfUW0B66T6cpmh3XWCvaBodusrO7fotEcI5mIaUQgEEksAcoEIgzJd9h-6_qmaKSlXcJIMlAMmvHHEI9V0NKttozpvihJx3eVfKa4db0d3Z1g8pY922LZ_sQWnC-eW_kAXk_IfH2xL06HRCuUYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1010526756&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=19655233655&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iH-i2UYOBcy425EjwnovbL&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2e7b0935-97c2-1aad-bd45-93616b00e3fe,c:gcG2rV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5958d7d477-k44ls,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:rHRbA1,mtim:5,mot:0,app:0,maw:0,fm:tHQwvql+11%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C1811%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:63,oid:03a5490a-106c-11ee-9c18-bec52e9457aa,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_160x600.js

Request Chain 232

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdpr_consent=

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1&__user_check__=1&sync_id=045401e1-106c-11ee-a1a3-11a3cbba0406

Request Chain 235

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=044aafd1-106c-11ee-8c20-143d56a10506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDQ0YWFmOTUtMTA2Yy0xMWVlLThjMjAtMTQzZDU2YTEwNTA2

Request Chain 236

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12TEJxU3BaRTJ1R1dxeU9YNDI2Tno4UmIyWlBaM25qQn5B

Request Chain 238

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 264

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEECtBDbEkX3KSW6jot2sd7c&google_cver=1&google_push=ATf1kGPmapd0dDS-JrtEzPUY49gKJAecmbpYFtQtC_wpcW8mr2KfJjNdRqDUB4dVQq3lBgfzyrwE1zNgqThX5T0uvp7b2CEfkRvZE0pHdrfjSeRUKoRx85Xjzy2iadU-QsnkibTuFKWeuQ_p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEECtBDbEkX3KSW6jot2sd7c&google_push=ATf1kGPmapd0dDS-JrtEzPUY49gKJAecmbpYFtQtC_wpcW8mr2KfJjNdRqDUB4dVQq3lBgfzyrwE1zNgqThX5T0uvp7b2CEfkRvZE0pHdrfjSeRUKoRx85Xjzy2iadU-QsnkibTuFKWeuQ_p

Request Chain 265

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDPAVYWUw9ZXulP-J_yDXA8&google_cver=1&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMofyctBzZZa9 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDPAVYWUw9ZXulP-J_yDXA8&google_cver=1&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMofyctBzZZa9 HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336723794324008&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMofyctBzZZa9&google_hm=eR26WXXMQ3uMbd9qFcigZw==

Request Chain 266

https://d5p.de17a.com/cookies/google?google_gid=CAESEMvbx_vgkC_pHA2qY7yKbHM&google_cver=1&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_EiXpS-YN0_bBqxa_Q1XJdV7B18J546oSaz383Pd0 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMvbx_vgkC_pHA2qY7yKbHM&google_cver=1&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_EiXpS-YN0_bBqxa_Q1XJdV7B18J546oSaz383Pd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_EiXpS-YN0_bBqxa_Q1XJdV7B18J546oSaz383Pd0

Request Chain 267

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAPaAaIqgGQ4E8gmsMyOjvI&google_cver=1&google_push=ATf1kGPEdOd8DOQTVR_YjPy7Q3wqKCiyFApaDhYunlj1XrKDRq-i7FL1x37Fv6sLEP-sZvUYKrjF0YXPLMWXF0k5ci9vNYa7CE7Zkmbjs5yyHQOiemXOWOnHLXRMidkLqoPk0J1W2wBrVxkb HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAPaAaIqgGQ4E8gmsMyOjvI&google_cver=1&google_push=ATf1kGPEdOd8DOQTVR_YjPy7Q3wqKCiyFApaDhYunlj1XrKDRq-i7FL1x37Fv6sLEP-sZvUYKrjF0YXPLMWXF0k5ci9vNYa7CE7Zkmbjs5yyHQOiemXOWOnHLXRMidkLqoPk0J1W2wBrVxkb&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BfsGlnexQxWfaTwWKREGWQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPEdOd8DOQTVR_YjPy7Q3wqKCiyFApaDhYunlj1XrKDRq-i7FL1x37Fv6sLEP-sZvUYKrjF0YXPLMWXF0k5ci9vNYa7CE7Zkmbjs5yyHQOiemXOWOnHLXRMidkLqoPk0J1W2wBrVxkb

Request Chain 268

https://ads.yieldmo.com/exptsync?google_gid=CAESEJH4OZ_xEv7zPQS95nL7nWk&google_cver=1&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGrubutn7WVaDlcKLV5zBIphUSJbrlFPLY_bCt0MgLw5uQfOB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGrubutn7WVaDlcKLV5zBIphUSJbrlFPLY_bCt0MgLw5uQfOB&google_hm=Z2QzYzViN2M1NGM1ZDNjN2U3YTU=

Request Chain 270

https://sync.inmobi.com/gob?google_gid=CAESENIsKyreO5tqAp7HpQ4P7c8&google_cver=1&google_push=ATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOoO0zeHofOKebsWE3rLYdJ_z0Pe1Q8vRUOKB_YFsdGjinf7CXpjGhjDTLOzBg-x0UiEt96dkzl_NgL5cw9ikMgkNCM_4PkwwFrZA HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOoO0zeHofOKebsWE3rLYdJ_z0Pe1Q8vRUOKB_YFsdGjinf7CXpjGhjDTLOzBg-x0UiEt96dkzl_NgL5cw9ikMgkNCM_4PkwwFrZA

Request Chain 272

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gFtRs-I6CQhWyFTH-MLxhT&adContainerId=brand_safety_FFOTZMWkNv6yx_APp_qUIA&cbFunctionName=goog_wrapCb_FFOTZMWkNv6yx_APp_qUIA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:21b4ac1c-7034-3f3b-55da-f3c239bf2202,c:gcG2E2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5958d7d477-dxt6z,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tHQwvCS+11%7C121%7C122%7C123%7C124%7C13%7C14%7C151%7C152%7C1531%7C161%7C162%7C163%7C1711%7C1712%7C18*.990511-61634097%7C181%7C182%7C183%7C184,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:36,oid:04581dc6-106c-11ee-9622-166eb400a779,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

297 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ensonhaber.com/
Redirect Chain

https://ensonhaber.com/
https://www.ensonhaber.com/

164 KB
29 KB

94ms
28ms

Document
text/html

89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN / PHP/8.0.25
Resource Hash: a615744c7dfb237db4c0ce46629d5298aae24d33f26495051f38801d7f5bc355

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19
allow: GET, HEAD, POST
cache-control: max-age=40
caching-type: litespeed
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Jun 2023 19:44:17 GMT
etag: W/"4972452-1687376590;;;"
merlin-is-mobile-desktop: 1
merlin-is-mobile-viewer: 0
server: MerlinCDN
via: HTTP/2.0 Merlin CDN
x-cache-status: HIT
x-edge: de-fra-dp-s01
x-litespeed-cache: hit
x-midtier: de-fra-lea-s01
x-powered-by: PHP/8.0.25

Redirect headers

cache-control: max-age=3600
cf-ray: 7daebece18dd9016-FRA
date: Wed, 21 Jun 2023 19:44:17 GMT
expires: Wed, 21 Jun 2023 20:44:17 GMT
location: https://www.ensonhaber.com/
server: cloudflare
vary: Accept-Encoding

GET
H2 200 home.min.css
s.ensonhaber.com/assets/css/ 277 KB
51 KB 131ms
67ms Stylesheet
text/css 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57c9aa30eb75613091d6753b26caa6b3a56e24b7326ec4512a2ba17678def7d

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16673
content-length: 52151
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Jun 2023 11:14:28 GMT
server: cloudflare
etag: "454f6-648c4414-1c2131dc75de44c;gz"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fe89205-FRA
expires: Thu, 20 Jun 2024 15:05:21 GMT

GET
H2 200 inter-v2-latin-ext_latin-regular.woff2
s.ensonhaber.com/assets/fonts/inter/ 35 KB
35 KB 130ms
67ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-regular.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949314
content-length: 36104
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "8d08-639c9a83-8a94ee445f24e6c0;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fee9205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-300.woff2
s.ensonhaber.com/assets/fonts/inter/ 37 KB
37 KB 131ms
69ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-300.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949314
content-length: 37584
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "92d0-639c9a83-275355ba44709d0b;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fea9205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-500.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 98ms
36ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-500.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949314
content-length: 38652
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "96fc-639c9a83-df183364806ed438;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fe99205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-600.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 129ms
68ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-600.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949314
content-length: 38852
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "97c4-639c9a83-c70c6bcb7fd34262;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8feb9205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-700.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 114ms
54ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-700.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949314
content-length: 38908
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "97fc-639c9a83-82ee2966142daad0;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fec9205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 inter-v2-latin-ext_latin-800.woff2
s.ensonhaber.com/assets/fonts/inter/ 38 KB
38 KB 127ms
68ms Font
font/woff2 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/inter/inter-v2-latin-ext_latin-800.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4719015
content-length: 38948
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "9824-639c9a83-d47e4f5f26ad6474;;;"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebecf8fef9205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 231ms
109ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b81932a73af887454276597e15a0db776f26caa5888197d7bcca2b9647f6622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26436
x-xss-protection: 0
server: cafe
etag: 712 / 19529 / m202306140101 / config-hash: 13361936451535775382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:18 GMT

GET
H2 200 esh-tag.js Show response
s.ensonhaber.com/assets/js/lib/ 14 KB
4 KB 37ms
36ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/lib/esh-tag.js?r=3.14.62_110bdcf-v2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f43af206870986a648b5db6570c0488ead3ab087202e82168e57a73af4b5124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:17 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 16712
cf-polished: origSize=25855
x-vtex-cache-status-nginx-thumbor: MISS
cf-bgj: minify
last-modified: Fri, 16 Jun 2023 16:43:44 GMT
server: cloudflare
etag: W/"64ff-648c9140-600d8002f3582cb9;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebecf39fe9016-FRA
expires: Thu, 20 Jun 2024 15:05:18 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 195 KB
77 KB 208ms
86ms Script
application/javascript 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

165116fa9d435175a18a09378e9f9353cb92f627c99f8e2734b43a1be15d8f74

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NElSLqtefjuZTgIc4htyuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-NElSLqtefjuZTgIc4htyuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 21 Jun 2023 19:44:18 GMT

GET
H2 200 logo.png
s.ensonhaber.com/assets/img/ 10 KB
10 KB 39ms
37ms Image
image/webp 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/logo.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18716a69ac05e85bcd36f171cf3517c6f86c48d2814cd715b8f212e1f93c845f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
cf-polished: origFmt=png, origSize=14744
content-disposition: inline; filename="logo.webp"
content-length: 9952
x-vtex-cache-status-nginx-thumbor: MISS
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "3998-639c9a83-80370abe83dfb67e;;;"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-msg-esh: gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b6d9016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 config.js Show response
s.ensonhaber.com/assets/js/lib/ 5 KB
2 KB 41ms
39ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/lib/config.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2688eeeeb6d99e09adc5d8aeea2963fe4034ca8f98f639f24dea4e0d0f7d16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 16713
cf-polished: origSize=8068
x-vtex-cache-status-nginx-thumbor: MISS
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 01:38:36 GMT
server: cloudflare
etag: W/"1f84-6449d21c-29d76f8c661a4d15;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebed08b6e9016-FRA
expires: Thu, 20 Jun 2024 15:05:19 GMT

GET
H2 200 swiper-bundle.min.js Show response
s.ensonhaber.com/assets/plugins/swiper/ 138 KB
37 KB 66ms
65ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/swiper/swiper-bundle.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7461c0051b325805c887adc6357a464dae3efad3720214b91799a501afb62c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4405634
content-length: 37667
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "227c3-639c9a84-365ff75c50969382;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b6f9016-FRA
expires: Thu, 25 Apr 2024 06:21:45 GMT

GET
H2 200 keen-slider.min.js Show response
s.ensonhaber.com/assets/plugins/keen-slider/ 14 KB
6 KB 71ms
69ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/keen-slider/keen-slider.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127fc5122908ed58f8a0595d3c00f9202b406d774b2b6ecd834bfba408a374da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949274
content-length: 5950
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Tue, 24 Jan 2023 10:59:25 GMT
server: cloudflare
etag: "391a-63cfba0d-c751872e52ec6ffc;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b709016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 scrollbooster.min.js Show response
s.ensonhaber.com/assets/plugins/scrollbooster/ 13 KB
4 KB 70ms
69ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/plugins/scrollbooster/scrollbooster.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949274
content-length: 3744
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Mon, 24 Apr 2023 13:24:08 GMT
server: cloudflare
etag: "340b-644682f8-33996e347c569589;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b749016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 home.min.js Show response
s.ensonhaber.com/assets/js/ 111 KB
30 KB 41ms
39ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5a4091ad723f5a0ee361cb4ec5ce851d11ed195d220647fe3399e0fa9f570a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16682
content-length: 30064
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Tue, 20 Jun 2023 13:22:23 GMT
server: cloudflare
etag: "1bdad-6491a80f-8eb2f34356ebea3f;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b769016-FRA
expires: Thu, 20 Jun 2024 15:05:22 GMT

GET
H2 200 login.min.js Show response
s.ensonhaber.com/assets/js/ 15 KB
4 KB 70ms
69ms Script
application/x-javascript 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/js/login.min.js?v=3.14.62_110bdcf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009d4ceeb1168ae5d225f0898ba84f53743d9051b32b5a016bc7c867f32f0c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 16713
content-length: 4351
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 28 Apr 2023 14:12:37 GMT
server: cloudflare
etag: "3aa3-644bd455-cc120e5c107645f9;gz"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed08b779016-FRA
expires: Thu, 20 Jun 2024 15:05:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
48 KB 193ms
67ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e97b1156d1db6c7109d8386cdce6cd9c6ecff3d22e632ca5cee00c271fbb9aca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48904
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Jun 2023 19:44:18 GMT

GET
H2 200 search.svg
s.ensonhaber.com/assets/img/nav/ 503 B
394 B 55ms
54ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/search.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 288
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "1f7-639c9a83-7df830a54a0303c3;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ab939016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 tv-live.svg
s.ensonhaber.com/assets/img/nav/ 392 B
417 B 50ms
49ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/tv-live.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 286
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "188-639c9a83-32710c5bc2f0f20f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ab959016-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 archive.svg
s.ensonhaber.com/assets/img/nav/ 238 B
315 B 50ms
49ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/archive.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 202
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "ee-639c9a83-18325224231ec6ac;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ab989016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 theme-dark.svg
s.ensonhaber.com/assets/img/nav/ 545 B
418 B 50ms
50ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/theme-dark.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 321
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "221-639c9a83-d5d50ee83eb5dfb6;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ab9f9016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 notifications-off.svg
s.ensonhaber.com/assets/img/nav/ 1 KB
907 B 50ms
49ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/notifications-off.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4408239
content-length: 716
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 10 Mar 2023 13:24:25 GMT
server: cloudflare
etag: "573-640b2f89-b9e1aca0490ef169;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0aba39016-FRA
expires: Wed, 24 Apr 2024 12:55:40 GMT

GET
H2 200 user.svg
s.ensonhaber.com/assets/img/nav/ 379 B
376 B 50ms
49ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/user.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4405634
content-length: 260
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "17b-639c9a83-5a3c1594c91c1939;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0aba59016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 flag.svg
s.ensonhaber.com/assets/img/nav/ 664 B
524 B 49ms
49ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/flag.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 397
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "298-639c9a83-2532c638c956b99e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0aba69016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
DATA 200
OK truncated
/ 295 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 hamburger.svg
s.ensonhaber.com/assets/img/nav/ 141 B
268 B 48ms
48ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/hamburger.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 1M
content-encoding: gzip
cf-cache-status: HIT
age: 4405634
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: W/"8d-639c9a83-d5ea281d6f82c105;;;"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
cf-ray: 7daebed0aba79016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 eshicons.ttf
s.ensonhaber.com/assets/fonts/eshicons/fonts/ 23 KB
12 KB 38ms
38ms Font
application/x-font-ttf 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ensonhaber.com/assets/fonts/eshicons/fonts/eshicons.ttf?ncw6hm
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9

Request headers

Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949315
content-length: 12530
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "5a5c-639c9a83-56e91538b3845a0f;gz"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0b9109205-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 cevdet-yilmaz-ve-mehmet-simsek-baeyi-ziyarete-gidecek_35126123.jpg
icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ 72 KB
72 KB 54ms
49ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/cevdet-yilmaz-ve-mehmet-simsek-baeyi-ziyarete-gidecek_35126123.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2091cf995fc533dc55280f08dd7145512f4362a849b749227d02d97643ae695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 416
cf-polished: origSize=76402
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 73609
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f25638a50dd41a01f35f702c1bff0ea652393042"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbdd9016-FRA
esh2: 788
expires: Thu, 20 Jun 2024 19:36:17 GMT

GET
H2 200 veni-vidi-goz_1f684123.jpg
icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/20/ 52 KB
52 KB 46ms
41ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/20/veni-vidi-goz_1f684123.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49acbce18de283ee4d071ecb179378db91393dbf7ac081da6c321f866eed7b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 81912
cf-polished: origSize=56679
esh: 382
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 53505
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a1d494578cfa560a440ee74933e732a6f9271b20"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbde9016-FRA
expires: Wed, 19 Jun 2024 20:58:11 GMT

GET
H2 200 turistleri-titanikin-enkazina-tasirken-kaybolan-denizalti-icin-arama_34533728.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 20 KB
20 KB 53ms
49ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/turistleri-titanikin-enkazina-tasirken-kaybolan-denizalti-icin-arama_34533728.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12bcad3deadc62829c01d1c4854713a237a74515c550c48b8cdab9e6e1bc9996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 3510
cf-polished: origSize=20949
esh: 233
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 20381
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "55076a4e59219f4f0c710e00f5aaca1868f3d1fd"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbd79016-FRA
expires: Thu, 20 Jun 2024 18:45:19 GMT

GET
H2 200 nevsehirde-saganak-sele-donustu_339fd565.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 16 KB
16 KB 42ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/nevsehirde-saganak-sele-donustu_339fd565.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb0e8e164f8f994c3be7045bd8eb86334380d96b47561956b046592d145d755a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6354
cf-polished: origSize=16492
esh: 233
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 16102
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "065ed8937b53b8095bcba47c4865acba7e8d5f69"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbda9016-FRA
expires: Thu, 20 Jun 2024 17:57:35 GMT

GET
H2 200 bm-dunya-genelinde-insani-yardima-muhtac-kisi-sayisi-360-milyona-yu_3347b468.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 28 KB
28 KB 53ms
49ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/bm-dunya-genelinde-insani-yardima-muhtac-kisi-sayisi-360-milyona-yu_3347b468.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 836b38cdbed3a29dc66669048e7c7f7588fbe2514f32b925a5f677e7c6722f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 7785
cf-polished: origSize=29755
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 28512
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6069a47cc75e1ecb275849106a641b907a4686e9"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbe09016-FRA
esh2: 233
expires: Thu, 20 Jun 2024 17:33:55 GMT

GET
H2 200 yok-baskani-erol-ozvar-universite-sinavinin-kaldirilmasi-gunde_32803162.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 20 KB
20 KB 45ms
41ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/yok-baskani-erol-ozvar-universite-sinavinin-kaldirilmasi-gunde_32803162.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d652237f8e2a4a8d6db749b8f9be7ebde3372967fb4454887ccf380460c369f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 10981
cf-polished: origSize=20892
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 20296
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "8eb047edeade831f38cba6de28c379e461ae6957"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0dbe29016-FRA
esh2: 233
expires: Thu, 20 Jun 2024 16:41:01 GMT

GET
H2 200 hdpli-meral-danis-bestastan-asgari-ucret-aciklamasi-kabul-etmiyo_31395848.jpg
icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 62ms
58ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/233x260-85/resimler/diger/kok/2023/06/21/hdpli-meral-danis-bestastan-asgari-ucret-aciklamasi-kabul-etmiyo_31395848.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94ae49560f98f2b978bc4a2f3edf6cf5b89a9e8a8d05e7e6c47f06275d1b4d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16207
cf-polished: origSize=26246
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25602
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9f52ef5169ac6c287a7dda03907ac23e89e7da0c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0fc109016-FRA
esh2: 233
expires: Thu, 20 Jun 2024 15:13:35 GMT

GET
H2 200 yt-home.svg
s.ensonhaber.com/assets/img/ 31 KB
15 KB 69ms
65ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/yt-home.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949171
content-length: 15522
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Thu, 12 Jan 2023 12:28:36 GMT
server: cloudflare
etag: "7b20-63bffcf4-248980f56cff858b;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ebf49016-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 wp-home.svg
s.ensonhaber.com/assets/img/ 41 KB
21 KB 69ms
65ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/wp-home.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4405305
content-length: 20870
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 20 Jan 2023 23:35:42 GMT
server: cloudflare
etag: "a586-63cb254e-3fab314fac59889a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0ebf79016-FRA
expires: Thu, 25 Apr 2024 06:21:48 GMT

GET
H2 200 abdullah-gul-amcasinin-esinin-cenazesine-katildi_2febd314.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 40 KB
41 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/abdullah-gul-amcasinin-esinin-cenazesine-katildi_2febd314.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e1caf58394f459b15a0754ea42341ff3c697adc5eb4c077f6d9af374654b0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6354
cf-polished: origSize=43396
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 41464
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "15e9a607d940fe72fbf4281410dea4436ea8f824"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed15c8f9016-FRA
expires: Thu, 20 Jun 2024 17:57:34 GMT

GET
H2 200 vladimir-putin-nukleer-gucu-gelistirmek-en-onemli-gorevimiz_3054e774.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 21 KB
21 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/vladimir-putin-nukleer-gucu-gelistirmek-en-onemli-gorevimiz_3054e774.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0cba1a894b8a9bebd1394cfa675116713f9045497993f05291cd6a0b501f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 7772
cf-polished: origSize=21642
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 21394
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0e7023d63693bebe4abc7a4afa91bc235a7cd7ea"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed15c969016-FRA
esh2: 400
expires: Thu, 20 Jun 2024 17:33:55 GMT

GET
H2 200 yi-partide-kurultay-hazrl-sryor-meral-akener-yeni-yolu-a_2f9f3447.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 29 KB
29 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/yi-partide-kurultay-hazrl-sryor-meral-akener-yeni-yolu-a_2f9f3447.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de4631fb6802442e80c56133c419f2ce1d5979d17c33b421d5dec1d23468571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8159
cf-polished: origSize=30509
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 29821
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "287ffe51107c1aa42aaf4481d71b671cc74bfb48"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed15c979016-FRA
esh2: 400
expires: Thu, 20 Jun 2024 17:27:43 GMT

GET
H2 200 mersin-erdemlide-hortum-seralari-yikti_33147455.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 48 KB
48 KB 38ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/mersin-erdemlide-hortum-seralari-yikti_33147455.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fcc05e8697e4fa1b9af99a987029133c782d8ad781d6251ea097cd2dfc5ee3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8594
cf-polished: origSize=51454
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 48793
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ba29274eb8aae2f6b94f70d24e113fa7730659f1"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed16c9d9016-FRA
expires: Thu, 20 Jun 2024 17:20:42 GMT

GET
H2 200 yeni-haber-basligi_31821975.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 51 KB
51 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_31821975.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f7724ef64a25174ce00e12b55284e5fc652f58ef84a46bb6719d234fdb1e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9802
cf-polished: origSize=54179
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 51920
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "3f2217874725fd6455b86bf2c7f2a0616cad5fbf"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed16c9f9016-FRA
expires: Thu, 20 Jun 2024 16:59:58 GMT

GET
H2 200 real-madrid-toni-kroosun-sozlesmesini-yeniledi_31774201.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/real-madrid-toni-kroosun-sozlesmesini-yeniledi_31774201.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8b02e27648c8923b73cb3b9582718641e079897b7bfd4b32e74786e8565200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9821
cf-polished: origSize=22735
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22251
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "84b2f14f7507bd0f07758ce50e78d80b1ea82386"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed16ca29016-FRA
expires: Thu, 20 Jun 2024 16:59:50 GMT

GET
H2 200 suc-orgutu-lideri-firat-delibas-esenyurtta-yakalandi-1_2f464.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 30 KB
31 KB 37ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/suc-orgutu-lideri-firat-delibas-esenyurtta-yakalandi-1_2f464.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345b7b8da6f10a856720fd05570e1caa0e745fded85e2e51d27bd7c2b6da2398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 18126
cf-polished: origSize=32197
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 31229
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "3aa20af89331ef2f2d7345c10bf95576bdaa7376"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed19cf99016-FRA
esh2: 400
expires: Thu, 20 Jun 2024 14:41:43 GMT

GET
H2 200 besiktasin-muhtemel-rakiplerini-taniyalim_31412422.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 40 KB
40 KB 43ms
43ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/besiktasin-muhtemel-rakiplerini-taniyalim_31412422.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dde986d501f11f0aece25ea490512c34f0fdff0104a4858b61eacda34c107d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 15726
cf-polished: origSize=43164
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 41209
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "502de12a0cbf0897ea83b678b0e3bf6ff4b01e80"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed19d019016-FRA
expires: Thu, 20 Jun 2024 15:21:29 GMT

GET
H2 200 gonul-dagi-103-bolum-2-fragman-taner-gercegi-ogrendi-selma-o_29d7e925.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 30 KB
30 KB 39ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/gonul-dagi-103-bolum-2-fragman-taner-gercegi-ogrendi-selma-o_29d7e925.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79574e015175b8ea2f0366b354be78ae5be45c89150d0a42b7bfa6c9963dd5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 34340
cf-polished: origSize=31235
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 30472
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f70a1dba26a0b490f5201110a65bac7d898c857f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed19d049016-FRA
expires: Thu, 20 Jun 2024 10:11:14 GMT

GET
H2 200 yiyen-duz-duvara-tirmaniyor-karpuzun-beyaz-kisimlari-meger_19f28145.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/20/ 24 KB
25 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/20/yiyen-duz-duvara-tirmaniyor-karpuzun-beyaz-kisimlari-meger_19f28145.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f209e5346c214d363ba40bcb0d7dabfad704152bb606c4c9602e379bd42d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 103353
cf-polished: origSize=25646
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25006
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d41ee5ebfce495bc06f5046b0d10cc6037e932de"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1ad099016-FRA
esh2: 400
expires: Wed, 19 Jun 2024 15:00:15 GMT

GET
H2 200 beril-pozamdan-bikinili-poz_2d4e2736.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 43ms
42ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/beril-pozamdan-bikinili-poz_2d4e2736.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05c53bea43812b44e419f33dc164c279d0ee87cb23084d657202bca8017bec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 4028
cf-polished: origSize=23642
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22673
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "eac9a98864216602d53bc44f1c20a4213387bedd"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1ad159016-FRA
esh2: 186
expires: Thu, 20 Jun 2024 18:36:21 GMT

GET
H2 200 abd-polisinden-hapishanedeki-siyahi-tutukluya-siddet_2d984613.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 18 KB
19 KB 41ms
41ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/abd-polisinden-hapishanedeki-siyahi-tutukluya-siddet_2d984613.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3a58738834d6debdc3f257a5775601741fe7ea062eb48c8eb02ee0ad601f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5639
cf-polished: origSize=19408
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 18934
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "42674cf91962f46cb2905becae1d7772a569ca5a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1ad179016-FRA
expires: Thu, 20 Jun 2024 18:09:43 GMT

GET
H2 200 yeni-haber-basligi_2933b861.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 39ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2933b861.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 309abe44eb60bb130df184f61f443953cd3fcbc5b909dd005ec72b3b15021c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 2554
cf-polished: origSize=8986
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8822
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "b919313b838e4e6f1afe0b257d8fed2600360fa6"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1dd549016-FRA
expires: Thu, 20 Jun 2024 19:00:37 GMT

GET
H2 200 yeni-haber-basligi_2e008472.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 46ms
36ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2e008472.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f989066757a82b34734e6ba6823770f5f1b0f3da11595bf1cb846a91c602ec07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 20188
cf-polished: origSize=8998
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8829
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a14d8dbb87a78a5b70bf46e3c5538a0a9d7c5d91"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1ed5c9016-FRA
esh2: 160
expires: Thu, 20 Jun 2024 14:07:42 GMT

GET
H2 200 yeni-haber-basligi_319a9291.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 9 KB
9 KB 45ms
35ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_319a9291.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d250710905b1e58c752cfcb0b3a1f35623fd5b86764fbf9e8b0b0392f2ca32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9769
cf-polished: origSize=9031
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8838
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "920e8eb75b620c7553dd2be037b0f7e02905651a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1ed719016-FRA
expires: Thu, 20 Jun 2024 17:01:01 GMT

GET
H2 200 burcu-ozberk-italyaya-gitti_2b84b298.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 19 KB
19 KB 39ms
36ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/burcu-ozberk-italyaya-gitti_2b84b298.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44390ffd4b53f31574a15edd86377376b061b7096ef0a5b1ff76da6dc4008ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 6439
cf-polished: origSize=19996
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 19330
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "65729474569cfe366552608a9c55ea71387a687c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1fd7b9016-FRA
expires: Thu, 20 Jun 2024 17:56:12 GMT

GET
H2 200 diyarbakir-havalimani-otoparkinda-ambalaji-uzerinde-sifir-arac-stok_2d30e216.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 40ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/diyarbakir-havalimani-otoparkinda-ambalaji-uzerinde-sifir-arac-stok_2d30e216.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17cf0e01b410087dbe8dc19706c995f4d3b246e64e1db192138dd6fe826cc4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8667
cf-polished: origSize=26468
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25378
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "a1e576b7200762ddcdd8b97604f54ef70786c22f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1fd7e9016-FRA
esh2: 186
expires: Thu, 20 Jun 2024 17:19:08 GMT

GET
H2 200 gungorende-halati-kopan-asansor-dustu-1-olu_30318509.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 8 KB
8 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/gungorende-halati-kopan-asansor-dustu-1-olu_30318509.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb9ed81998ce0973c185875c0b30b8bb4279f57cb64287508b1a0ab058afae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 587
cf-polished: origSize=8038
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7899
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "246df634f0ed4645e8a77a3c2b96cbd6502ec53b"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed1fd829016-FRA
expires: Thu, 20 Jun 2024 19:33:16 GMT

GET
H2 200 gulusuyle-unlendi-hababam-sinifinin-bacaksizi-tuncay-akca-ba_301d2376.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
7 KB 42ms
42ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/gulusuyle-unlendi-hababam-sinifinin-bacaksizi-tuncay-akca-ba_301d2376.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a1a47d73652bcc5b2be7cd02ffb055ac5a14d3424d949d1f9232a09d2720db0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 17003
cf-polished: origSize=6591
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 6567
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "edfdde3be4f1f063063202f544ce723ec7c63ad3"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed21db69016-FRA
esh2: 160
expires: Thu, 20 Jun 2024 15:00:12 GMT

GET
H2 200 istanbulda-uyusturucu-tacirlerine-operasyon184-gozalti_301b1755.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 7 KB
7 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/istanbulda-uyusturucu-tacirlerine-operasyon184-gozalti_301b1755.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642690da3a34058586de455c174c0ca0ac0cfe90621a06602a60fd94bd204218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1521
cf-polished: origSize=7219
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7095
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5c36962f693c2d746bf3d1ed3b8e5202eede660a"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed22dc59016-FRA
esh2: 160
expires: Thu, 20 Jun 2024 19:18:22 GMT

GET
H2 200 singapurda-intihar-girisimi-ozel-ekipler-tarafindan-onlendi_2f1d7423.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
6 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/singapurda-intihar-girisimi-ozel-ekipler-tarafindan-onlendi_2f1d7423.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d3a97eb0de0a03be74334808c5faad0ddb368de9dce18363702d500326f1a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 8211
cf-polished: origSize=5700
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 5656
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f8c3c2296c65397eee9eb9ab1bedf738ee2d5e2f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed22dc69016-FRA
esh2: 160
expires: Thu, 20 Jun 2024 17:27:27 GMT

GET
H2 200 yeni-haber-basligi_2f8a5367.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 6 KB
6 KB 39ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yeni-haber-basligi_2f8a5367.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aced13c5cde18af20f9f6d8691609ddd5c748c18e0437e5e887a960977f5c73d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 13814
cf-polished: origSize=6300
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 6274
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "968d785ecd6c4aeda964ab135494babf3561b521"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed23dd49016-FRA
esh2: 160
expires: Thu, 20 Jun 2024 15:53:52 GMT

GET
H2 200 yusufelinin-guresci-bogalari-yeni-arenada_2f9c5835.jpg
icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/ 8 KB
8 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/160x90-85/resimler/diger/kok/2023/06/21/yusufelinin-guresci-bogalari-yeni-arenada_2f9c5835.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a27147fbfef41f281db7f00102b2b4860422aae427740623a145892f477160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 14083
cf-polished: origSize=8706
esh: 160
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 8422
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f9b5eba4f3acb7ebb421993b488735713a452b29"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed23dd69016-FRA
expires: Thu, 20 Jun 2024 15:48:48 GMT

GET
H2 200 fenerbahcenin-konferans-ligindeki-rakiplerini-taniyalim_31207698.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 45 KB
45 KB 38ms
35ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/fenerbahcenin-konferans-ligindeki-rakiplerini-taniyalim_31207698.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31b08f5197d4bce6f97586010b2699dd3574d0b5dcb9735aa4b31ebf7a39b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16288
cf-polished: origSize=48177
esh: 400
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 46031
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d15ab880faa5fa043ea6411606ca792ce8124f0f"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed23ddd9016-FRA
expires: Thu, 20 Jun 2024 15:12:26 GMT

GET
H2 200 isvec-disisleri-bakani-turkiyenin-butun-yukumlulerini-yerin_2fbf7390.jpg
icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/ 24 KB
25 KB 36ms
35ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/400x225-85/resimler/diger/kok/2023/06/21/isvec-disisleri-bakani-turkiyenin-butun-yukumlulerini-yerin_2fbf7390.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a3e77e6c3daacec81193aa4a6c42c941b2db63f14ef430cb3f4fad6ef9a44c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16223
cf-polished: origSize=25211
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 24943
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2c04bf3351ccac8f8787b82bf693fff89561a528"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed25e039016-FRA
esh2: 400
expires: Thu, 20 Jun 2024 15:13:35 GMT

GET
H2 200 hatayda-53-saat-sonra-enkazdan-cikan-genc-kurtaricilari-ile-bulustu_2c953824.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
23 KB 36ms
36ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/hatayda-53-saat-sonra-enkazdan-cikan-genc-kurtaricilari-ile-bulustu_2c953824.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ce235596c3042bd01d1609085f467f2d3630b54912434289bdf50c329d8c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 11873
cf-polished: origSize=23776
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22906
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "91fb119de95432c573b2dd8c04e3b434b7acfa24"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed26e119016-FRA
esh2: 186
expires: Thu, 20 Jun 2024 16:25:51 GMT

GET
H2 200 kayseride-alkol-alinan-masada-oynatilan-kiz-cocugu-henuz-bulunamadi_2bfe3220.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 38ms
37ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/kayseride-alkol-alinan-masada-oynatilan-kiz-cocugu-henuz-bulunamadi_2bfe3220.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c19206c024726a36da0e04d60a41053c3151874c32953bb90c46e79a0908685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 12721
cf-polished: origSize=26838
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25619
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "ca857d24178fd6f1f9ae1fb451c4caef91ef5a40"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed26e1e9016-FRA
expires: Thu, 20 Jun 2024 16:11:55 GMT

GET
H2 200 tuncelinin-kelebekleri_4357.jpg
icdn.ensonhaber.com/crop/340x191-85/resimler/galeri/kok/2023/06/19/ 12 KB
13 KB 40ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/340x191-85/resimler/galeri/kok/2023/06/19/tuncelinin-kelebekleri_4357.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13cab061ea47f0fe6c3fd6b37e6728beb40dc447c3086aef9ba1132eb0df6490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 202502
cf-polished: origSize=12827
esh: 340
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 12671
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "bcf11022c4e4e21f93a1bcc6bfc0d174a64d98bb"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed27e269016-FRA
expires: Tue, 18 Jun 2024 11:28:39 GMT

GET
H2 200 boluda-esinin-agabeyi-ve-yegeni-tarafindan-acimasizca-dovuldu_2ba87250.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 25 KB
25 KB 41ms
41ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/boluda-esinin-agabeyi-ve-yegeni-tarafindan-acimasizca-dovuldu_2ba87250.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db14f5793d357dcf51166ba19a5b233cc9d9bbcc059f160e2f0069b23441dca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 13135
cf-polished: origSize=26304
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 25138
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "361bfca0e8b1b0de95dc7195462d9dd28a7024a5"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed27e289016-FRA
esh2: 186
expires: Thu, 20 Jun 2024 16:05:03 GMT

GET
H2 200 izmirde-4-turkmenin-katili-tutuklandi_2b80d606.jpg
icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/ 22 KB
22 KB 39ms
39ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/186x218-85/resimler/diger/kok/2023/06/21/izmirde-4-turkmenin-katili-tutuklandi_2b80d606.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44bd343862046968424f4d9db05d46c1e851bfca9c5005906894c157fde2473f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16919
cf-polished: origSize=23137
esh: 186
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 22032
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f74f2e40f7c40513c369cdaa169df6267a42cd3e"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed27e2e9016-FRA
expires: Thu, 20 Jun 2024 15:01:23 GMT

GET
H2 200 youtube-white.svg
s.ensonhaber.com/assets/img/svg/ 4 KB
2 KB 58ms
57ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/youtube-white.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4405634
content-length: 1754
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "f42-639c9a84-de402b8448af89b4;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0fc149016-FRA
expires: Thu, 25 Apr 2024 06:22:23 GMT

GET
H2 200 youtube-player.svg
s.ensonhaber.com/assets/img/svg/ 1 KB
691 B 58ms
57ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/youtube-player.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 567
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "431-639c9a84-a968250828655b7a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed0fc159016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 dele-alli-sacini-boyadi_34609450.jpg
icdn.ensonhaber.com/crop/700x400-85/resimler/diger/kok/2023/06/21/ 74 KB
74 KB 36ms
36ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/700x400-85/resimler/diger/kok/2023/06/21/dele-alli-sacini-boyadi_34609450.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586e363f37521dcbfcd7ba32cc2305081db89c33d632f9db1cb95a6eaf092031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 3290
cf-polished: origSize=78099
esh: 700
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 75456
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "f109357a7dc94430407cd226966fba821ffcaca6"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed29e5c9016-FRA
expires: Thu, 20 Jun 2024 18:48:52 GMT

GET
H2 200 filenin-efeleri-avrupa-altin-ligi-dortlu-finali-hazirliklarini-tama_33ec1419.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 13 KB
13 KB 38ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/filenin-efeleri-avrupa-altin-ligi-dortlu-finali-hazirliklarini-tama_33ec1419.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c22b1c52421d79788e5590f0b33e9847080e119b367d23f7a3ab8fc793d986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5133
cf-polished: origSize=13127
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 12864
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9fd62aaa8588680799c47d48307cb4978564ec0c"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed2ae659016-FRA
esh2: 229
expires: Thu, 20 Jun 2024 18:18:11 GMT

GET
H2 200 danielle-cuttino-galatasaraya-transfer-oldu_31698978.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 7 KB
7 KB 39ms
38ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/danielle-cuttino-galatasaraya-transfer-oldu_31698978.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c54025d4765832f03ef10c8468ca1d849ee429b51b4f264890e54ce27f66a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 12652
cf-polished: origSize=7620
esh: 229
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 7479
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "58011849923fed1e7211e2f7c13ba9b65abb6812"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed2be759016-FRA
expires: Thu, 20 Jun 2024 16:13:06 GMT

GET
H2 200 sertac-sanli-sonuna-kadar-hak-ettik_31051940.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 14 KB
14 KB 41ms
40ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/sertac-sanli-sonuna-kadar-hak-ettik_31051940.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276e17bfb22e4bda39154fcf2fe17921a530e3b7c5697d92c09348e1ba60d042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 16967
cf-polished: origSize=14628
esh: 229
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 14312
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9a526c50b3e6c4cf763f955e568298134418df06"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed2be769016-FRA
expires: Thu, 20 Jun 2024 15:00:23 GMT

GET
H2 200 dursun-ozbekten-transfer-aciklamasi_2f8f8176.jpg
icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/ 10 KB
10 KB 44ms
42ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/229x129-85/resimler/diger/kok/2023/06/21/dursun-ozbekten-transfer-aciklamasi_2f8f8176.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10c2718b5a8f0a342627ce1e4da4ee9ab45fcc24cff760530da5a33d2db6cdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 23006
cf-polished: origSize=10306
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 10278
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "d065e2d5c29425e8f79e4c56c71d71e97319ad64"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed2be879016-FRA
esh2: 229
expires: Thu, 20 Jun 2024 13:20:14 GMT

GET
H2 200 logo.svg
s.ensonhaber.com/assets/img/nav/ 2 KB
1 KB 39ms
37ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/nav/logo.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 1038
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:15 GMT
server: cloudflare
etag: "801-639c9a83-2deb684a3979a6f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c569016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 telegram.svg
s.ensonhaber.com/assets/img/social/svg/ 393 B
371 B 38ms
36ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/telegram.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 277
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "189-639c9a84-96400f8900acc41e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c589016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 whatsapp.svg
s.ensonhaber.com/assets/img/social/svg/ 3 KB
1 KB 40ms
39ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/whatsapp.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 1108
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "acf-639c9a84-20f1ab362ceade15;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c599016-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 youtube.svg
s.ensonhaber.com/assets/img/social/svg/ 953 B
525 B 43ms
41ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/youtube.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 423
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "3b9-639c9a84-92da1d82d3fbff6f;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c5b9016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 twitter.svg
s.ensonhaber.com/assets/img/social/svg/ 856 B
576 B 39ms
38ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/twitter.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0a8c318709b662988173b2343311cff1342159884ea66bb2f6a98287ca916f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4405634
content-length: 482
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "358-639c9a84-8f449a611e7de763;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c5d9016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 instagram.svg
s.ensonhaber.com/assets/img/social/svg/ 2 KB
851 B 41ms
40ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/instagram.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 737
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "853-639c9a84-13d92e1e1566001a;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c5f9016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 facebook.svg
s.ensonhaber.com/assets/img/social/svg/ 656 B
488 B 42ms
41ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/social/svg/facebook.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 393
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "290-639c9a84-a482b1a13127354d;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed12c609016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 borsaticker Show response
www.ensonhaber.com/dynamic/ 8 KB
2 KB 29ms
28ms Fetch
text/html 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/dynamic/borsaticker
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN / PHP/8.0.25
Resource Hash: eda8f2817f63788e1b2bdbd7515cc6a1ab84f81bcca67055bd9f515282db0e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
server: MerlinCDN
age: 34
x-midtier: de-fra-lea-s01
x-cache-status: HIT
x-litespeed-cache: hit
x-powered-by: PHP/8.0.25
content-type: text/html; charset=UTF-8
allow: GET, HEAD, POST
etag: W/"4969616-1687376277;;;"
x-edge: de-fra-dp-s01
cache-control: max-age=300
caching-type: litespeed

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d079bf21e72c5449d5aa75a4916c4556a0fd2b02cadd2a93aa1d1529957722

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b6c2ef65f2486f7be1c3b49a50e88ed2602d29d1f9ecb03ddd4e198c8e5910

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 istanbul.json Show response
api-stg.ensonhaber.com/data/havadurumu/ 3 KB
836 B 38ms
36ms Fetch
application/json 2606:4700:10::ac43:28c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-stg.ensonhaber.com/data/havadurumu/istanbul.json
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:28c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.25
Resource Hash: b1bc671699d3846825ef343ce07104f81335c549a5278d232bbfaa5eac8beaf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
cache-file: data___istanbul_saatlik_2023-06-21.json
cf-cache-status: HIT
age: 258
x-powered-by: PHP/8.0.25
x-litespeed-cache: hit
content-length: 501
server: cloudflare
etag: "762894-1687375671;gz"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-server: api-srv-1
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: x-requested-with, origin, x-requested-with, content-type
cache3: out-of-memory
cf-ray: 7daebed189e09205-FRA

GET
H2 200 loading-red.svg
www.ensonhaber.com/assets/img/svg/ 1012 B
585 B 28ms
28ms Image
image/svg+xml 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: 8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 4947478
etag: W/"3f4-639c9a84-c475a4ec4487325e;;;"
x-midtier: de-fra-dp-s02
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 loading-red.svg
s.ensonhaber.com/assets/img/svg/ 1012 B
479 B 44ms
43ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/loading-red.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4408239
content-length: 284
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "3f4-639c9a84-c475a4ec4487325e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed18ce69016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 down-red.svg
s.ensonhaber.com/assets/img/svg/ 735 B
697 B 37ms
36ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/down-red.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 487
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "2df-63ac5c36-bff6e9315efa01c9;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed20d9f9016-FRA
expires: Wed, 24 Apr 2024 12:55:39 GMT

GET
H2 200 up-green.svg
s.ensonhaber.com/assets/img/svg/ 764 B
599 B 38ms
37ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/up-green.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 504
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "2fc-63ac5c36-8edaee021ef5d882;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed20da19016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 bitexen.svg
s.ensonhaber.com/assets/img/svg/ 9 KB
7 KB 37ms
37ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/bitexen.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 7235
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: cloudflare
etag: "2559-639c9a84-eb01bfa43127277e;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed20da29016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 crypto-currency-white.svg
s.ensonhaber.com/assets/img/svg/ 777 B
572 B 38ms
38ms Image
image/svg+xml 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ensonhaber.com/assets/img/svg/crypto-currency-white.svg
Requested by: Host: s.ensonhaber.com
URL: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.ensonhaber.com/assets/css/home.min.css?v=3.14.62_110bdcf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4949263
content-length: 473
x-vtex-cache-status-nginx-thumbor: MISS
last-modified: Wed, 28 Dec 2022 15:09:42 GMT
server: cloudflare
etag: "309-63ac5c36-e35f449c24d92fc1;gz"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-msg-esh: js gnc cdn
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed20da39016-FRA
expires: Wed, 24 Apr 2024 12:55:38 GMT

GET
H2 200 1.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 783 B
750 B 28ms
28ms Image
image/svg+xml 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/1.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: 05ec57e3bf50c723dd83849e24de2ddd91ee49fb7c72c3a80e4061eb723cacde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 4946558
etag: W/"30f-639c9a84-6f86531e74315052;;;"
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 33.svg
www.ensonhaber.com/assets/img/svg/weather/set1/fill/ 813 B
725 B 29ms
28ms Image
image/svg+xml 89.187.169.43
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ensonhaber.com/assets/img/svg/weather/set1/fill/33.svg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.43 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-43.cdn77.com
Software: MerlinCDN /
Resource Hash: 44e47e47c96c54501f577da9294014414a2f716ee0f6fa63a44f981be79337d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
via: HTTP/2.0 Merlin CDN
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 16:19:16 GMT
server: MerlinCDN
age: 4941485
etag: W/"32d-639c9a84-79b8375c1d41a623;;;"
x-midtier: nl-naw-ws-s08
x-cache-status: HIT
allow: GET, HEAD, POST
content-type: image/svg+xml
x-edge: de-fra-dp-s01
cache-control: max-age=31536000

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 408 KB
126 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11197
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129045
x-xss-protection: 0
server: cafe
etag: 16806126990728334555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 16:37:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
576 B 246ms
126ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88b1258dac80af1416de261b7b1ed0c629ba684d62b2217d6429c3c609c007d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 551
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
98 KB 67ms
65ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PL92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

986f669d1c720cb7da6f3ad0fb5bb8157f5f8e56d326cf1dfe28b2e926d0f389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99855
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Jun 2023 19:44:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 102ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je36e2&_p=868516779&cid=2032561920.1687376659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687376658&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/ 3 KB
2 KB 210ms
70ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065653642/?random=1687376658530&cv=11&fst=1687376658530&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&auid=183430784.1687376659&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc49d730beb32edf6e32c08ff69f00baee5c4b42a7aa9434736564c1b7402493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1347
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 193ms
67ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 159ms
80ms Script
application/javascript 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 85647
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7daebed4acd39972-FRA
expires: Thu, 22 Jun 2023 19:44:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 163 KB
47 KB 1444ms
1443ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2447352499&didk=3991379447&sfv=1-0-40&ists=1&fas=8&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658588&lmt=1687376658&dlt=1687376657744&idt=718&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d25c94e5b545a1327fe6f47eb2fb86006fcd9dba9d946dd2a4be74e9a1a15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48048
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 436ms
435ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90&ifi=2&adks=2619639180&didk=2861604050&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658595&lmt=1687376658&dlt=1687376657744&idt=718&adxs=315&adys=155&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=1600x280&msz=970x-1&fws=4&ohw=1600&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc69368148e766881cecd7247479b601ea1dda8a017c960f3311e8fec7f63fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9817
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 850 B
445 B 631ms
629ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90&fluid=height&ifi=3&adks=905423781&didk=4180154659&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658600&lmt=1687376658&dlt=1687376657744&idt=718&adxs=315&adys=1359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=970x280&msz=970x-1&fws=4&ohw=1600&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466b0e5716a04e71a1e5978a7cce0155bbf91a46ac623f4d2709fd7937512c78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 415
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 1129ms
1128ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cstickybottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=4&adks=396462409&didk=2469753850&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658602&lmt=1687376658&dlt=1687376657744&idt=718&adxs=436&adys=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19548f8289d4b24aa28abbf3cbef12890c91a15372c0bf741630b3c51bf93a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 992ms
991ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cpageskin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=5&adks=1502987301&didk=133821678&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658605&lmt=1687376658&dlt=1687376657744&idt=718&adxs=33&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=300x-1&msz=160x-1&fws=516&ohw=300&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0766cc8115ac2b7e68cfa59253b7b29c5604a4f0c84d40449c79eb88d132bec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12608
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 907 B
455 B 795ms
794ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESHv2%2Cpageskin_genel-sag&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C160x600%7C120x600&fluid=height&ifi=6&adks=2966292975&didk=403647575&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1687376658608&lmt=1687376658&dlt=1687376657744&idt=718&adxs=1407&adys=153&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=300x-1&msz=160x-1&fws=516&ohw=300&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

031e03ec474bfd9ef7c5a678378f1aa70588f5a62af4d2a8ffa4f802e48b7386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 425
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95FA 6 KB
3 KB 226ms
91ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/ 37 KB
13 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b364aa5ec35c70520296a6172a1d7963535eeb7f6b246f41cf66af5d315f1215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 16:51:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10341
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13147
x-xss-protection: 0
server: cafe
etag: 3115308656160103658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 20 Jun 2024 16:51:57 GMT

GET
H2 200 ahmet-nur-cebiden-tff-baskani-mehmet-buyukeksiye-tepki_3527d629.jpg
icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ 93 KB
93 KB 40ms
40ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/788x450-85/resimler/diger/kok/2023/06/21/ahmet-nur-cebiden-tff-baskani-mehmet-buyukeksiye-tepki_3527d629.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fde7e8b896df8fe336a78b6e5f02646f8fd2e4c222ead991e575aa6c40adc8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:18 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 82
cf-polished: origSize=100516
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 94887
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "c07d924b47352adea009239a77cc36959627cd51"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebed4a8d19016-FRA
esh2: 788
expires: Thu, 20 Jun 2024 19:42:04 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1065653642/ 42 B
455 B 196ms
70ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1065653642/?random=1687376658530&cv=11&fst=1687374000000&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=92656477&rmt_tld=0&ipr=y

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1065653642/ 42 B
455 B 197ms
71ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1065653642/?random=1687376658530&cv=11&fst=1687374000000&bg=ffffff&guid=ON&async=1&gtm=45je36e2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=0&tiba=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=92656477&rmt_tld=1&ipr=y

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
607 B 84ms
80ms Stylesheet
text/css 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-sD1gcg2NNO9ofQftLCcs0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-sD1gcg2NNO9ofQftLCcs0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 234ms
109ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b528d1158bcf6be370dbad4ee1ce2ab417c5e278d7729044659e11866226482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11209
x-xss-protection: 0

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 105ms
30ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:37:41 GMT
via: 1.1 google
age: 398
x-guploader-uploadid: ADPycdtNAW-eDhECAiflCs8nW6Ngs47PCNb2ogOPfefQPBm0PPhVOqb7y_m2-uhFo0lwVM9Uaaov8eD_xGskIgd4_6mnemQm0ZoD
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Wed, 21 Jun 2023 20:37:41 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 179ms
89ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Jun 2023 19:44:19 GMT

GET
H2 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C7E 6 KB
3 KB 55ms
54ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C0D7 624 B
557 B 101ms
98ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNUittQhYEzOffr20VJ4GoZb0-SQemQqRtRXZMU2MFQddqeute-PZ2-U0EOO2sG4Jtts2oVKpbmmSwMlVm53dNA1qu3y49EVxO3nqz5aQkQNwO9fw9bjWluoSDL8i1JCsKe8vlbORJ-opuhZhQGu2XgPuHHIuoJ6rXSPtlgxzDWvk4nicKS6iU3wgKovfLcAmBVpv2HB

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:19 GMT
expires: Wed, 21 Jun 2023 19:44:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C7E 78 KB
28 KB 266ms
145ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C7E 42 B
110 B 212ms
92ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Buy7o9x2qLGicF5ANIK_cACB7jbPeQ-U0WArSLIdzNJZgxUYhDQTxP_wZO5MjaQqxIbTk-Xiru9_-_hHodUzPbJDc_t-1H5CanOyBJOnLDN8LbRW4

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C7E 0
349 B 211ms
91ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7508964173973863674&x=1&ct=76

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 2C7E 3 KB
1 KB 189ms
63ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 2C7E 19 KB
8 KB 182ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C7E 178 KB
56 KB 221ms
97ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
314 B 46ms
44ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 86e812c5be86b790f559a1d2174a34961a3ad9a7171d514e72c66b966f11a060

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: a689e7247a80022d70901ae23b2d1f2d
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 122ms
53ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ensonhaber.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.ensonhaber.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 21 Jun 2023 19:44:19 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 9873562905664dcb283bcb4d38f40852

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 122ms
67ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 16BA 15 KB
6 KB 112ms
37ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.ensonhaber.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
server: Kestrel
server-processing-duration-in-ticks: 241332
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 67ms
65ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 1003ms
1003ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=590735192495329&correlator=1969500449540005&output=ldjh&gdfp_req=1&vrg=202306140101&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90&fluid=height&ifi=7&adks=761646626&didk=2057696147&sfv=1-0-40&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Db56ea70f008b1b25%3AT%3D1687376658%3ART%3D1687376658%3AS%3DALNI_MZJVVw3yeoUAfy_jDpg7rdrFUiy6A&gpic=UID%3D00000c4ca101a7e4%3AT%3D1687376658%3ART%3D1687376658%3AS%3DALNI_MZ0q-BofydR8WxliAr6S3fGG16i3w&abxe=1&dt=1687376659262&lmt=1687376659&dlt=1687376657744&idt=718&adxs=315&adys=1234&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=970x280&msz=970x0&fws=4&ohw=1600&ga_vid=2032561920.1687376659&ga_sid=1687376659&ga_hid=868516779&ga_fc=true&a3p=EhcKCHJ0YmhvdXNlGPGE8vuNMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjxhPL7jTFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3491fe6c338d467ebefaa17e5b787b46c1a4edb9d19d40fbea28e7eeb47f92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11799
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C0D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

43 B
766 B

38ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNUittQhYEzOffr20VJ4GoZb0-SQemQqRtRXZMU2MFQddqeute-PZ2-U0EOO2sG4Jtts2oVKpbmmSwMlVm53dNA1qu3y49EVxO3nqz5aQkQNwO9fw9bjWluoSDL8i1JCsKe8vlbORJ-opuhZhQGu2XgPuHHIuoJ6rXSPtlgxzDWvk4nicKS6iU3wgKovfLcAmBVpv2HB
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C0D7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTE988aGjkSbfY1GtEaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

43 B
766 B

73ms
34ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNUittQhYEzOffr20VJ4GoZb0-SQemQqRtRXZMU2MFQddqeute-PZ2-U0EOO2sG4Jtts2oVKpbmmSwMlVm53dNA1qu3y49EVxO3nqz5aQkQNwO9fw9bjWluoSDL8i1JCsKe8vlbORJ-opuhZhQGu2XgPuHHIuoJ6rXSPtlgxzDWvk4nicKS6iU3wgKovfLcAmBVpv2HB
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C0D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

43 B
1 KB

38ms
33ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNUittQhYEzOffr20VJ4GoZb0-SQemQqRtRXZMU2MFQddqeute-PZ2-U0EOO2sG4Jtts2oVKpbmmSwMlVm53dNA1qu3y49EVxO3nqz5aQkQNwO9fw9bjWluoSDL8i1JCsKe8vlbORJ-opuhZhQGu2XgPuHHIuoJ6rXSPtlgxzDWvk4nicKS6iU3wgKovfLcAmBVpv2HB

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:19 GMT
AN-X-Request-Uuid: db3567f9-4960-4812-b7a5-09d1d204c843
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C0D7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

170 B
243 B

77ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:44:19 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b4c0c3c8-fe2f-4a65-b971-e3c15eddbfd9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD11 13 KB
5 KB 60ms
58ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:49:13 GMT
expires: Thu, 20 Jun 2024 18:49:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D80 783 B
956 B 69ms
68ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b12390e1b07b48f7f39eae46cde591722b88a87e485e3c7865803dc9a41b7e4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qITmqShN1VXBKZ_LpR6oUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-qITmqShN1VXBKZ_LpR6oUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:19 GMT
expires: Wed, 21 Jun 2023 19:44:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame 16BA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ensonhaber.com&sn=ChromeSyncframe&so=0&topUrl=www.ensonhaber.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ZekXAnxpbWZ6ZmFUMFYzT3d4ZWxObmdFTFA0SWRzRGNVTHdTellWMFovTlZqQi9aT2YwL2dWZlNTTmdoblc5YXNpV01KMnB4emk3TEFKMzVTY1NEbTdUL2VGYUdUV1ZhcGwyYVU4R2ZiWDU2VWZTTGFYM29Gd01BRi9sck...

419 B
645 B

128ms
31ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZekXAnxpbWZ6ZmFUMFYzT3d4ZWxObmdFTFA0SWRzRGNVTHdTellWMFovTlZqQi9aT2YwL2dWZlNTTmdoblc5YXNpV01KMnB4emk3TEFKMzVTY1NEbTdUL2VGYUdUV1ZhcGwyYVU4R2ZiWDU2VWZTTGFYM29Gd01BRi9sckkxV09HbXUyUk1vaVBIT1FTUzNjY0h5ckhieXlpNFBET1VQQUlmWXRMS2VFeWJQQ2E5Qm93SlZCWjgyNERXb2QxY1U1MGtCa1FUeDFOM09zbGs0RktJbUN0V2tUK09iZHhVK2dmckoyR21WL05Rd25xMzFETk1CRndxWm9aYk56OStpdnNlQXUzT3F2a2hUWGxUV09yRmIwRVpHZ1RYZz09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc04e6a69cfcf1b12f47e1b34e7c4520e665a2bcb0d8b86d27c368bc7fd254c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1229216
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZekXAnxpbWZ6ZmFUMFYzT3d4ZWxObmdFTFA0SWRzRGNVTHdTellWMFovTlZqQi9aT2YwL2dWZlNTTmdoblc5YXNpV01KMnB4emk3TEFKMzVTY1NEbTdUL2VGYUdUV1ZhcGwyYVU4R2ZiWDU2VWZTTGFYM29Gd01BRi9sckkxV09HbXUyUk1vaVBIT1FTUzNjY0h5ckhieXlpNFBET1VQQUlmWXRMS2VFeWJQQ2E5Qm93SlZCWjgyNERXb2QxY1U1MGtCa1FUeDFOM09zbGs0RktJbUN0V2tUK09iZHhVK2dmckoyR21WL05Rd25xMzFETk1CRndxWm9aYk56OStpdnNlQXUzT3F2a2hUWGxUV09yRmIwRVpHZ1RYZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256799
content-length: 0
expires: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C7E 0
56 B 101ms
96ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4311450634710&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C7E 0
56 B 100ms
97ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4311450634710&version=m202301230201&ct=76&x=1&cor=7508964173973863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C7E 102 KB
39 KB 110ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A07laZp3cZUI4LkoEkIPr8qPBS2xAVHLD8Ov3beholuta1rvG5IJ4YGa3WXI8j9hpZsBmk4nvuZtkgAJlcsrjLnLHBBFl4PJYD7mR9yB1KOjNY1RINe-sl-vK8RmFWmGx1rYERQEtSKOFtNCgdWsfkPaJTUxTO383Yh7K5215PTB89DWQ&dbm_d=AKAmf-Cib2MVhgpJq5rpXDpVPkXIUOfp70lmcqLtvfsU_6MbNgOrP31_hFt7NHODc24BGGGdSDgTb6jeUg0Y4km8C61Rs8l4RVW_m5G34iu0T9tVPgMY8nVABDBSDyOfpc1r4-dYVh4E4FdILVTiLH7t2gKyAh9UWnJkh6xsf46EmYdknuCAyyhDg20soibUb0RFGcDLqyGtPm1MSfrvCr_80_oYYYnDP3Aawh_bwYG_HcEToshIbb-elC4HSgGbqdz8Dfh5Bj9HCWpqhT6gj4a9Li31vg5T-LzpfsaAr0F72KW9EEIeAxJGYdp1m9Z9JPk8fJqEs3vC8VvI0XbtPYny32BibPz82mRvuPMmZhljVpxFndR3ybVLqjQMwL_YhjkwpcBnxx_l7IhweKSeVs4YjlLjgzs7ySyZhvo6AAjkexyAMN6vgYf6rLjW-PLzzT5I-e6P_UGqkJnpDe7TOTcTDQStJTtK7HeUwMKGUKzdnwjRG-Xw86fPUOdW_ki4XSqEJJdb1V1GUd0ww2ly-pRGaQtnsvxxrNytXJkknQVa_dg3RksklO9n9lAWcUWunyXj3w8uukaqu7Z0k_DY9y9IdR0kMfhrbQ89q88FrpyQ-KbQSWFHC5NBS5vk8oMbbmd15RVaTn9xGBucM-wP6FcKQdJssQ6qa9GHEjIMSamMBt3P8P5rqLxiwDzr5ljzFCMCc2mu6NF15W-tjZvUKMRPTzKbIseAI3kDEIGSBU7G96fX6qOAwTcQhQoQrudBEitGifNSVSydiPGTR6QE7w2ChcRvhZ2fjFOlp-YBjBg7Wqyr0B8d9cG0Lu_LKRIvxxpPFK3fzXzY4usqMxQH_ZdoGUo-yKNwlNf4l9CjL8UYDriySqfFCrnxdYR-WO_qqUUfvXesgXQ6UsXzC-1Ea37lU4k2hlPxHmhPRzl2Yb-W2yRy4HzQAYuvT9bBGG6AOEDX8CRDAv4exUZcBbCtY_wSi3Kze9LLzUhwpfzlkN6tDVKXLMeiW4DgSANesHjar5dvAxKyq3oFsT77P7hvpoYG5BdLKOwnjJLXzdJE4p8cgSEsretX3tXvCq6wN9hj2VxWIITvqnjgfZ6GnM4-oEgkEOvcRsELt_uBs-Xf7_9QzN95hXveoSEEPB8YGuRNJaHj38Fr7E7kBh4_nyIOj14-x7jloA4dXp5gJSJtyE9EuFcyESDP5jxvll30fuJbQlRQ065zSZ3ZxiAl5plKEEf-O8rUOWQkuolPGUe3NKuz88hLdi7KPGFNfFf5bhB8Dc9GnugIyxubE0EvwpR7LTWvRkmDvzil66OHnw04KGZQBxjQujGldraGtKJHjh-9gKgHHCHC6Z5QZLO_vC79Bx6RPFPBNtcHITyXfMZNezWbPEr5REqNdJdYIYiIqbcYDRnUoIWBYr1Hp_A1Co6WL9Z6r3H_5Gs73kPmSsKD12EBy8ofqv0i8fzD0heWziEALwH98WmJCqm9P5FntuwiZUlW5OGF5vLhBxy1FRyz1d7imSYYm53hFFL8ksXahlquPuy8jNBCrDuoY34QutYZhKtSJt_OyeV1pWOy1h7xEtaVMts9N83jCHRo2jvYUPXjogDK9ukgg_hkWqw51lHXZpK2RoOjNFx6ztO4D8_sVaVmBDNVHFx3qcnAcfOTZ3AUL0MaFCnsV6M9QkekR-_aAaBzp2nms30CiFlqu48c5It392xMS3DMU4LKSVuArKW7RxgQv3qKq74IY7OsBb2xz2JR7uk4B_6zaNY3hGNVz6kslv8nmZFTg8jBzzmvkf2VxSHnca-O4xVR23S72zkrL-tT-skcX8-6KmzHf74m6qThNn-pI0kJXSAYX4M1zqZadqQDuwzJI44TY9Nt8n-hg13nkFtJZ3TX0w-uonAc_iFQOxmmnOsqd7_azYIkqpUCr_jYxSeXzniIdzHFHI0EVLI7D7mA0qEXSBMjefo_hZiXNBqKrjAsXC-3orhiGER7RncGPxclt8v0ZJp6hgcnOAMfY7-eaJOCVwMqjyDiFZ-MIB5bfvWSrzAjylbOrm2zXWsLoqGoTEp_Crxodk3MvYA5ly8qpYlQzF0Gqm1d6cq0t2h9gJX_ZkWG4AGx2q_M3gd-3gk88q5jtu6bXUwBQ6KNgX3XlNtOF9v_DlN1IiNP4WoZNqqBFNE-OPicrHPoZ0d1PPsGNAdW4Ifj57fka-R2vtmt8cVsW-BnfSSLJvAzo5h8RjuOdy8Lck2vYSWCgB7eRvb8bhqNqDQy2XUUR8XWWWuFapeyaUiXtlMLKHfwDKyM6WM8O2NYrkli7FWH8ze5KdNvta5JQx1Bhm7AtdE6rB4sNcmfDTkkN8JVLTT7gYyWmS13i7f-hr5PliQOlq60bY_XjgjnK_2lnhCyZEm96IU7fV0alvdTrOQ0SDuujAQmW7wx9iPACzQdp_Cbzkistq0ca45r0ajexxniY4f90-fpJDpdmCME1UxPn4zoAmdYgIfs0FrMFP4rCqXXwbZWy-VItFwI_DhOYj9tNuhAGUwakq7koGVMpPF7xSzMompcorRrqakeFCzr1XLnpNh6zbnsT4XHbVmztaUfoI6tkv0fdkKR95VVHRmMq-9IL369gQwL4sPQxy-BNaEdgAU9t9ArBXp6MgAzBbnxXzfpbCjfWBlRkctU72WA9R4RWkMCNv2SFMxNfOJJ6z3UcGZJRBxUWtpM4HGxUhelP9FMWtvewFImYJnxh8jTV91BahskGKrApi6_SvyzUR4k-RY2SKNe5Wxdvnurfg_C-FrwxGDXMThvnsMvOg2ll4jQ6LwB75WVtfaIX4i6bdMQZq5qVToYdFjwsKuYHhYXjLl3uuZJs1DPTZ0feyiCCGyKWCMz4NyiZvmV4CTmMbAoRPioJeBu1DfAtTTVQyYw9EWvdZmlPT9hgUoP7-U52BZNPyHDkOM5LTQOcJFC2nhC4ilXZQsKfYAtBLqXw2D2xlH1-KGhSdMvjB2V9t_0dY2dVaBV2HI6p4gQQJL5ijXZvBrqKnFb9rUHjncDcFOsb0f7yy5MrMrUHdhmKlFeMnuLcWl757aiM1F6-y9wX-gtafr0Er-3vin6sj8mmwqpggHdRzDmD50iQIYxhyuhlLZzRnrCvBL7YM8WHSUlwwzbRiY8quBgeoVl9DvU8XUAs5uyIgGXjrYANwQodh4T1DdFItgX9sNyMoNtcbvPyVeRfLH5_W3EeU45X0xsOQgAoPeU4DLjhfwswf58cfxUXr_-yC0W5xmdF2rEapBqFl2kC7Tq3Je5v8CZY890w42sdJXTeCMgwMvHfQRYwiF9yN-Q_mzAcDZlkOPmQlC1L_s1jDTNSMS9jUMKf4ZbBkSDjaIqKdfGtQBy1uxWyzSXhogY6IxZE-FObqeTutE0l7861UWhXvLMnm3yhuhPXiuNnWgCydHr-dO2_8_rpuXpBrnTK0blL9Pf9PbevT6P5BSTu0YGQRb8BIak-1af8NaUFxjqLq9NKSLdQsYlJx5lMQ-zFoN50PgVod5tJMMjfDZlpgYMXiZNMasYjxEXtOqIPckX3nxmaGqbRzjRoChz_OT_AayWhKH4sIgFKTBki1upjtaURlUx67ZJ9-6zaWCagp8MYcDMoixdKP6bU65YUIiSKR-5cZqdaEeh_o9xFPU_7vrcVfhqoROFVMZOJHviEgy9cruSGHQcTp7bZ7qlzIscbplOUejRh-Ar5gH3dyvmFLkTg8c0GEeNJB7KmL5AES1Hq1a6lk3YGZkgyQ8q0FC9LdtLu_mcm6qVmy5pdlwEgg9wn4c1vIdWElImk8fwxo4WQHChDLNq-Cc-7jKFM5yeI8_rnXoFhIZP3YFNbU_fNXySb57ghZ3SDdsgDt_eq6UwGrJpBkwuHw&cid=CAQSTABygQiDjq5tIbhl_EduQxS7MDH93NDuEp6mC6_9woatJ00X6LzRcsY7_ZtIdoWg3XS8VUNDXlcKRALH_t-4TaSSyT93WajBA837docYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=7508964173973863000&adk=356101037&idt=298&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7538cd7c33308dfe365b6eefb109cfd36d0995d8964fde129c7f0b2009891f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39685
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D80 0
0 101ms
90ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306140101&jk=590735192495329&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame DD11 37 KB
15 KB 65ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 14:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 14:15:15 GMT

GET
H3 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39CD 6 KB
3 KB 78ms
58ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1431402/70901275/ Frame 2C7E 244 KB
73 KB 196ms
54ms Script
application/javascript 52.17.92.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1431402/70901275/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20014135396&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jQ-ts6wcj1w_8-TAwy_LP6
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.92.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-92-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3a576a4b8b83bc391d8bf0c32615034f810a324153bac6ada9818a92db23772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2C7E 111 KB
39 KB 195ms
58ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Origin: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 2C7E 11 KB
4 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A07laZp3cZUI4LkoEkIPr8qPBS2xAVHLD8Ov3beholuta1rvG5IJ4YGa3WXI8j9hpZsBmk4nvuZtkgAJlcsrjLnLHBBFl4PJYD7mR9yB1KOjNY1RINe-sl-vK8RmFWmGx1rYERQEtSKOFtNCgdWsfkPaJTUxTO383Yh7K5215PTB89DWQ&dbm_d=AKAmf-Cib2MVhgpJq5rpXDpVPkXIUOfp70lmcqLtvfsU_6MbNgOrP31_hFt7NHODc24BGGGdSDgTb6jeUg0Y4km8C61Rs8l4RVW_m5G34iu0T9tVPgMY8nVABDBSDyOfpc1r4-dYVh4E4FdILVTiLH7t2gKyAh9UWnJkh6xsf46EmYdknuCAyyhDg20soibUb0RFGcDLqyGtPm1MSfrvCr_80_oYYYnDP3Aawh_bwYG_HcEToshIbb-elC4HSgGbqdz8Dfh5Bj9HCWpqhT6gj4a9Li31vg5T-LzpfsaAr0F72KW9EEIeAxJGYdp1m9Z9JPk8fJqEs3vC8VvI0XbtPYny32BibPz82mRvuPMmZhljVpxFndR3ybVLqjQMwL_YhjkwpcBnxx_l7IhweKSeVs4YjlLjgzs7ySyZhvo6AAjkexyAMN6vgYf6rLjW-PLzzT5I-e6P_UGqkJnpDe7TOTcTDQStJTtK7HeUwMKGUKzdnwjRG-Xw86fPUOdW_ki4XSqEJJdb1V1GUd0ww2ly-pRGaQtnsvxxrNytXJkknQVa_dg3RksklO9n9lAWcUWunyXj3w8uukaqu7Z0k_DY9y9IdR0kMfhrbQ89q88FrpyQ-KbQSWFHC5NBS5vk8oMbbmd15RVaTn9xGBucM-wP6FcKQdJssQ6qa9GHEjIMSamMBt3P8P5rqLxiwDzr5ljzFCMCc2mu6NF15W-tjZvUKMRPTzKbIseAI3kDEIGSBU7G96fX6qOAwTcQhQoQrudBEitGifNSVSydiPGTR6QE7w2ChcRvhZ2fjFOlp-YBjBg7Wqyr0B8d9cG0Lu_LKRIvxxpPFK3fzXzY4usqMxQH_ZdoGUo-yKNwlNf4l9CjL8UYDriySqfFCrnxdYR-WO_qqUUfvXesgXQ6UsXzC-1Ea37lU4k2hlPxHmhPRzl2Yb-W2yRy4HzQAYuvT9bBGG6AOEDX8CRDAv4exUZcBbCtY_wSi3Kze9LLzUhwpfzlkN6tDVKXLMeiW4DgSANesHjar5dvAxKyq3oFsT77P7hvpoYG5BdLKOwnjJLXzdJE4p8cgSEsretX3tXvCq6wN9hj2VxWIITvqnjgfZ6GnM4-oEgkEOvcRsELt_uBs-Xf7_9QzN95hXveoSEEPB8YGuRNJaHj38Fr7E7kBh4_nyIOj14-x7jloA4dXp5gJSJtyE9EuFcyESDP5jxvll30fuJbQlRQ065zSZ3ZxiAl5plKEEf-O8rUOWQkuolPGUe3NKuz88hLdi7KPGFNfFf5bhB8Dc9GnugIyxubE0EvwpR7LTWvRkmDvzil66OHnw04KGZQBxjQujGldraGtKJHjh-9gKgHHCHC6Z5QZLO_vC79Bx6RPFPBNtcHITyXfMZNezWbPEr5REqNdJdYIYiIqbcYDRnUoIWBYr1Hp_A1Co6WL9Z6r3H_5Gs73kPmSsKD12EBy8ofqv0i8fzD0heWziEALwH98WmJCqm9P5FntuwiZUlW5OGF5vLhBxy1FRyz1d7imSYYm53hFFL8ksXahlquPuy8jNBCrDuoY34QutYZhKtSJt_OyeV1pWOy1h7xEtaVMts9N83jCHRo2jvYUPXjogDK9ukgg_hkWqw51lHXZpK2RoOjNFx6ztO4D8_sVaVmBDNVHFx3qcnAcfOTZ3AUL0MaFCnsV6M9QkekR-_aAaBzp2nms30CiFlqu48c5It392xMS3DMU4LKSVuArKW7RxgQv3qKq74IY7OsBb2xz2JR7uk4B_6zaNY3hGNVz6kslv8nmZFTg8jBzzmvkf2VxSHnca-O4xVR23S72zkrL-tT-skcX8-6KmzHf74m6qThNn-pI0kJXSAYX4M1zqZadqQDuwzJI44TY9Nt8n-hg13nkFtJZ3TX0w-uonAc_iFQOxmmnOsqd7_azYIkqpUCr_jYxSeXzniIdzHFHI0EVLI7D7mA0qEXSBMjefo_hZiXNBqKrjAsXC-3orhiGER7RncGPxclt8v0ZJp6hgcnOAMfY7-eaJOCVwMqjyDiFZ-MIB5bfvWSrzAjylbOrm2zXWsLoqGoTEp_Crxodk3MvYA5ly8qpYlQzF0Gqm1d6cq0t2h9gJX_ZkWG4AGx2q_M3gd-3gk88q5jtu6bXUwBQ6KNgX3XlNtOF9v_DlN1IiNP4WoZNqqBFNE-OPicrHPoZ0d1PPsGNAdW4Ifj57fka-R2vtmt8cVsW-BnfSSLJvAzo5h8RjuOdy8Lck2vYSWCgB7eRvb8bhqNqDQy2XUUR8XWWWuFapeyaUiXtlMLKHfwDKyM6WM8O2NYrkli7FWH8ze5KdNvta5JQx1Bhm7AtdE6rB4sNcmfDTkkN8JVLTT7gYyWmS13i7f-hr5PliQOlq60bY_XjgjnK_2lnhCyZEm96IU7fV0alvdTrOQ0SDuujAQmW7wx9iPACzQdp_Cbzkistq0ca45r0ajexxniY4f90-fpJDpdmCME1UxPn4zoAmdYgIfs0FrMFP4rCqXXwbZWy-VItFwI_DhOYj9tNuhAGUwakq7koGVMpPF7xSzMompcorRrqakeFCzr1XLnpNh6zbnsT4XHbVmztaUfoI6tkv0fdkKR95VVHRmMq-9IL369gQwL4sPQxy-BNaEdgAU9t9ArBXp6MgAzBbnxXzfpbCjfWBlRkctU72WA9R4RWkMCNv2SFMxNfOJJ6z3UcGZJRBxUWtpM4HGxUhelP9FMWtvewFImYJnxh8jTV91BahskGKrApi6_SvyzUR4k-RY2SKNe5Wxdvnurfg_C-FrwxGDXMThvnsMvOg2ll4jQ6LwB75WVtfaIX4i6bdMQZq5qVToYdFjwsKuYHhYXjLl3uuZJs1DPTZ0feyiCCGyKWCMz4NyiZvmV4CTmMbAoRPioJeBu1DfAtTTVQyYw9EWvdZmlPT9hgUoP7-U52BZNPyHDkOM5LTQOcJFC2nhC4ilXZQsKfYAtBLqXw2D2xlH1-KGhSdMvjB2V9t_0dY2dVaBV2HI6p4gQQJL5ijXZvBrqKnFb9rUHjncDcFOsb0f7yy5MrMrUHdhmKlFeMnuLcWl757aiM1F6-y9wX-gtafr0Er-3vin6sj8mmwqpggHdRzDmD50iQIYxhyuhlLZzRnrCvBL7YM8WHSUlwwzbRiY8quBgeoVl9DvU8XUAs5uyIgGXjrYANwQodh4T1DdFItgX9sNyMoNtcbvPyVeRfLH5_W3EeU45X0xsOQgAoPeU4DLjhfwswf58cfxUXr_-yC0W5xmdF2rEapBqFl2kC7Tq3Je5v8CZY890w42sdJXTeCMgwMvHfQRYwiF9yN-Q_mzAcDZlkOPmQlC1L_s1jDTNSMS9jUMKf4ZbBkSDjaIqKdfGtQBy1uxWyzSXhogY6IxZE-FObqeTutE0l7861UWhXvLMnm3yhuhPXiuNnWgCydHr-dO2_8_rpuXpBrnTK0blL9Pf9PbevT6P5BSTu0YGQRb8BIak-1af8NaUFxjqLq9NKSLdQsYlJx5lMQ-zFoN50PgVod5tJMMjfDZlpgYMXiZNMasYjxEXtOqIPckX3nxmaGqbRzjRoChz_OT_AayWhKH4sIgFKTBki1upjtaURlUx67ZJ9-6zaWCagp8MYcDMoixdKP6bU65YUIiSKR-5cZqdaEeh_o9xFPU_7vrcVfhqoROFVMZOJHviEgy9cruSGHQcTp7bZ7qlzIscbplOUejRh-Ar5gH3dyvmFLkTg8c0GEeNJB7KmL5AES1Hq1a6lk3YGZkgyQ8q0FC9LdtLu_mcm6qVmy5pdlwEgg9wn4c1vIdWElImk8fwxo4WQHChDLNq-Cc-7jKFM5yeI8_rnXoFhIZP3YFNbU_fNXySb57ghZ3SDdsgDt_eq6UwGrJpBkwuHw&cid=CAQSTABygQiDjq5tIbhl_EduQxS7MDH93NDuEp6mC6_9woatJ00X6LzRcsY7_ZtIdoWg3XS8VUNDXlcKRALH_t-4TaSSyT93WajBA837docYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=7508964173973863000&adk=356101037&idt=298&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 2C7E 30 KB
11 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C7E 41 KB
15 KB 61ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 2C7E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c33d64587a75589b501bccbd5377d98eb3d03a2ab5ce837e6bbecd29c4a00f33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCA0 6 KB
3 KB 59ms
57ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2CD1 624 B
245 B 102ms
100ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQv4LBARik05rsATAB&v=APEucNWArWBkZm27tzmNX3AzW2uXjON1gZOZElTnvhx6DJgEqLzCfu95fRdI4l1GEwTX8yblARg0m6tqbWDWakwq4X3Z7QjircvDNOVEJjWaADrJLZqhlbxCOPeEY_6dZbZx6_m6WX-RzqYJjCMGOdM295a84Aq2VZ5VoFuHbeo00I4ek9-DK24aO3IOCBKm29n_ogoi1Ml8

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:19 GMT
expires: Wed, 21 Jun 2023 19:44:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 39CD 78 KB
27 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 42 B
63 B 101ms
99ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D51Pp_28hNKfWnSzCiD5akpdQ0sS6OqFAUfizjER3F-BDlB73S8UWhvMy6i4BnzELw_XO6calOxj-jEAZEmgD_KIDAgLWeuP2E4L6rgCEX4kKSAes

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 0
20 B 100ms
99ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3731352434064825481&x=1&ct=76

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1316115/71738579/xbbe/creative/ Frame 39CD 252 KB
77 KB 99ms
97ms Script
application/javascript 52.17.92.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1316115/71738579/xbbe/creative/adj?p=APEucNWy33QpoBKMg8wisveLpI8BY0xlwURr7Z8p-seuNdqQsl3uxj8&d=CokBAKAmf-Ab0VXXUMNgUR8ngurxlKf_5SoTJF_ZuU4hqa6rSCr_kqQMdG74aRsolQhjB4SL3nZkloTUCy07PjOn2gsllfppFAWMZoGy2aKUAvLWV0KWsovsihffp0x6FDAKlcgddu8vvvFWkj7hiuMGNhKq5g23fQF8BD6MbddMcdjErqql4T7lBugSuRUAoCZ_4Jyv3eub9s8pDUmN0iLeyEmNXmpCqez9A_6YOPVnLVzK5OWcFbZLOkAHcJ_xMsbbybdQnDcrRA9pwsy-nOVn1Wvb6fScxy0ftkh2UAay147ent5XbFR5BU_QPh6rsYm7pcW30UYeL277UE9hB1W8a33O97uz_wXqaXZlBr45_bL-pE9gNNcFIb61HbI_LCFJrLojEdpCo3ESTc30opezgCTQudKDv20-imld4qoWtru_yHHM3o1Oc9p_1BED5EMF94VCKolvfqXH4UgKDPzyhkrryCvMEMocQfcV6libpIHKFaqDUrATMWxptu5cdMtARrGsMWzaRuCEQG0GPC-M_hbRHk5p9gkQsoLHTtb2xTfM6upKCv0edp2h9D3mDJ2NAXH2Q0L8ENiYRg_F7VLn7R2nBHFRTHEx6PDvbxYnh4AGzst4faIZhlwlEnABCkcn2kFItF0LwDXYe4Rww_Kd49mp3rwtf-9xiFYRcCvpCoebt88p2eZF8m0wgJJ8kYdeZ7KU9zCd6sJ7ETathbpDpm2XyK_NCocKwqwm8iaJvbbdwla-zQt9rcc06g6U09WreimK11rjMeRQC-TU0vfs0AR6opQ72P4g6Vpe7P3IDTGbTECj4ml-zbgBiusqzLgLmIsSxTbIks9RbxXfliDQwZIPM8hwJbzdJa2ON5IpIJSG05i9QfUAPnDLaLXVNDmLrllsjKLQNg3xMen8cVYw-Qoe41py7Bq2a0FU63pUTi7J5tk0E_UiQgRQRSu85Tvx6WBj8p6DsUiqbAc_S0ma8uptlPwpTGxFIqvWQnVWAm28Z-bAFhtvbtXHVQtWeCZBIZKY1p5zA2gpbttCncz0RGVNyldrzmewfU1Cumo2tLaMFbgb1Ct93EVVhFjTjkzMBg6a7KvMmfV6t_LzRIgFogSCJt-yBaF7Bm8B_mHHezqPJ_8rKFucyWvlwWKQ_1XB1Uqxy1Z87S9n1xcU4vQ3q_l5coKylwuzocwthDTlJfS8Nm3k7_aM12n9oARVhZR50ohkvETN2YJJfA3qbubhe4WgLJiPXybo5DDYxU31_k3A0O2PTNSstpSXis1IRItl5OiVrnJ4XfMNcjyvEm4Ypj07W-rOO0JR95xcBcv4kwub60-7fRl2FEWxNCq23G9KO8v5ukDms_KpDdAbbGsVWMRsCZ3rnpPXFgfCisk9nM53tfzuJriRl4e9_4M_qTmBe7-Tj__9xdaWykx0ITU9sw5FL6buFgZbZjd4O3x9VZHJlzH1L5VLbCAf2k3zNZGQUo0VWHpd2wGv37KrDN7TR7-9UNpSUFecqYD65W5Z9E2ShTG8IM7I2ahHgd848tcasBg8Iv91JCt2CdpgO86k1n06Lq_pBDjv8xFDPQgafXG6pSqdbUCtzzR6jCw7eJGuc1hQ7I_6peNQJLHCYvxsmu8HW8I08ajAeMYycN859GJZjb_kHDxH8b4h5_K_3RP5taCjQrlyfl5sLSSSdm4r_X508iCZX3xCDrYY2ywDqocDFLYe49VlRethgtnDHnyc6aXwl-28-eL6BAn5V9e1tVea6efNt4bTgMN_IYGsMJ1cNMi9QVybHbqm2DmIyUHG9stzo0wx1NOPnsRWiSsE5H84FFm_zE038iLW7BCc7LxPynBIsrb1KN3Y9ybTL1a3iyfieKgDJcgl_jGVOCoftsJO-rY_y2iCOIg9sq61qTZb1hjVAIFxwVD1-MuNO5A19FuMYbBv_Ijwc7kK48xr-WBSuyV_9z07lvHmhSL_0nUNtFwp3SUEaIDQ0KkYPXR-lHvIHPrNADDyBXl_T1Daa8mys06AukrJ0BLkNYYcP7JbmeONu6Dfwy0riiMmvtfWGzdrBZcEVcKi3xdl4LmHr_xYsr0CVGg-swNzcMG8BPiPiutVUGfP4HT_x6sr-8gMqtaYdUe1cdXhVxLyNnSD444AKZSMI9PIRK6Rcm_utVDrqpyQJ9uj9ex1lciHOBKCNew3Xr9PdKjavxZ6CSig0DM7HcynT88rKEbCbrUcxfZj5KsvLqceMGSUenkeHRaOucPThI4xYeTZvQSq4Pz2E-DzL1pMIr-7YgquRVejUqNGzWr8UqbZARTqa-el7W5I8h-mCRt-THxVFLQBbvD6wyu9PjgJeJhDbZ5QswLpe8VJUwk_0gqrg9uJQz8M7oQhf4GSTwpvAPAsS6UiRicT8SLL2KSNyx5p6au2S8YiFk6wcMjsF5RQLcSbYVpNMTIysYQEKIDfklp8Yrriu0BdUC4_B2OIsJ-kQqdESo6z8VoVTxPUzkyXv_lU0u6fc4De6ll5hemh9vGBnKMcMl78FFigbEjrA-cfFf4XPuJB8e3k9H0Gjya61CEH_WPniGDyanSeqJkhdpq4gHxO1aMGiGe6fWWZCO_7ineWDL4IY5nvXv7_7B5eg4N7RoD2AW1tvp5F-QXck7DGA_lx3JjXMAchfQSbhNS5j379eNj_ddsIOl5jV6TdvImr8EXnBcvVWtsvmFf6OH3UExyTBslWMgDlvmCBybJKIrTLe8M3ZmagvYLh2-zZu-jLDNRBsBykBHuP62VgXsu85ie4CXCnczZszJ09n7Tz14LRbbvLMSCNsHSu7fm2TooZdsx-nzgqeKge-B9EC7UEDTWN_WpElizJyLGtWKQdlnp9vEBspH-LSskBstGaNiBUqc6-uzVsIFysQC5gLtQCfYKkSeZqfkVsS40nvu68SpVEz12lkbsIF7XHv33iIwRCwg8oadr1QNsTy28Ec1BhcryFySV0Y4018NBNaNTrZWl1raPLJhMzenmJedYUv5ntrfiTb5n3HdgP384_VXhksGiCNFDoHD8LKtQA8knGqZA7wBPHrFhnweVoEZRtaJ5mVRwozDJ-Trsge0sgLGfbY2fW1OY8wNgcEnDGICx2-h1zykNd7ElzgEGt-uSsnHUug0vhC7MP6eaiXWLTLDdqetXSkIbu91B8-ukXxKc9hPdfhZ7rT9fkJzP-43NkKbB6_bjgye_W2LWw3QcTXfVjCFJRZgA2o0oIwuQpWEY-KvuMOZas_WSGXqytmrBf0_adO8f1fFS20GyIutsi9pRxxhhwoM2s44lpTlgF0vGL0Pd-Y3J59Y-mmzV4kU1xgS6RuEkN2kbXAkG-Evl8QEXWWxDRudJtpwFrXOF3AK-ZfilyzxsubN6eCp3bHK4O1bXVAiSyo-uJbtZ8BSXCcj7fiwOwTs4BCbuodPGBwNyoL5X_xhu6-hHA-8Mo-aXl-odxtCINfmlTlczpuoLD9IWQxJAeyB25fDfvwsR_EtgI4Gca4tGVOBLKABqKDXc3fIjWtC0aRQNKnB06RsS8cA5uRP-wGRP3ziXFopgD2Ls4un2lFvU_yowhovvDBnh5_QvJoXDWNmuLqx-KH56BG2zKhWxw4u62Wpogq9V9RPYI-rq2pRIcxNiI8azB2-IWm2G7WTp1-LSfPZEz7m1p76kCvq-hL_eYBIqFWIayPskghiAnD-6cfpA-0NFBiqlK4nBeUPxthgBaSinuHdCnuMImrNumMzIa2iuBoBo0lsld7d2BS5LwmNoY0KXXuQDve75Vm8kNSasa1pdYBesoExbZmInGhlnceQdx92XMSeM3dLYfUW0B66T6cpmh3XWCvaBodusrO7fotEcI5mIaUQgEEksAcoEIgzJd9h-6_qmaKSlXcJIMlAMmvHHEI9V0NKttozpvihJx3eVfKa4db0d3Z1g8pY922LZ_sQWnC-eW_kAXk_IfH2xL06HRCuUYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1010526756&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=19655233655&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iH-i2UYOBcy425EjwnovbL
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.92.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-92-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 221dd58a59c7638834d100001d3c2b61befdafb3b2f65e06cf1c9926b8a081ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 39CD 3 KB
1 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 39CD 19 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 39CD 178 KB
56 KB 130ms
128ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3DB3 22 KB
8 KB 69ms
67ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 384D 640 B
265 B 114ms
102ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:19 GMT
expires: Wed, 21 Jun 2023 19:44:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BCA0 78 KB
27 KB 122ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA0 42 B
63 B 112ms
108ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBs9MN5sZ0g8umtb7d24jy6RuelRvrie5JpBNsGPdJQjfXqKafCPi7whrnYX7iH0vmOTfbbQjCqu_jgNoA6B951EkLc8QD6fTQZQzWFQv8Sfv64lw

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA0 0
20 B 113ms
108ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2612037504747888896&x=1&ct=76

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame BCA0
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1427322/71304158/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1012364583&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif

43 B
482 B

99ms
47ms

Image
image/gif

2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 01:30:24 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23825637
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: vT6PKq196aTYmCkw33fkAejVX84pBGwcz7E0_5FGdXbjNbU-PdwcSg==

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BCA0 3 KB
1 KB 109ms
104ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame BCA0 19 KB
8 KB 108ms
105ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCA0 178 KB
56 KB 116ms
112ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DD11 0
10 B 102ms
98ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?khqZBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5040575257582014076/CbV_EX90_DE_970x250/ Frame C2A0 5 KB
2 KB 189ms
58ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5040575257582014076/CbV_EX90_DE_970x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c7853a5a83fb94706e5a73a94898dddd2c9bd90650a0db680c84897c99ceffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 450084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1770
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 14:42:56 GMT
expires: Sat, 15 Jun 2024 14:42:56 GMT
last-modified: Thu, 20 Apr 2023 13:50:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C7E 0
0 240ms
103ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssH8oe7x6Oa_SHhCNyZFVSzb0TA1GD6ICO4dpolRgaZP_Zx_xAiLUxhlqbEouBLv-4kIJ-t3ZKeCdlsI0GxqgZKG_Lrp3fYHy1WrCH8RmwPw2nJ4LXb5YlesC9icfDGuWoRummmmWSUfbuwDPQC5Zyhjr4R1SWO6s0afDjBS5GTDWno79QIzZHW6cuE20IJWJ4pHrXB_ATRiT5DQhMQoNk2gAa7U95SZ7n58UXU_8V-RjwrHRVYOqvATqMlyiJK3-O9SbbbjTBUMNIy10kEHbq9HzPugXMJxeu3zWxnUPm5I5QtUSjg675NYhMP9uTheCjfuLzyx2XjNKcNZf7_EcHbBbr4myP1EB992l02MUJ3J_XeCry7Lpj7dD8EkJgfRWo5j_PJBCbaRhI88GRxB5xgaj1gMVzVyJkIVvQr8FPbA3J3iv8LKYI5OB0FWGrn-jXesHkVIkglX-aTElXBSbLhtfLJozVFWnZjAAx07TC5wl_sj2qyUxE0FUoLJ6qInB4QGtgxth5_f_SM7akzd7O5HJyvXcRDorDYDYkmHdRuEXyMtXdTuIG80dFB7fi_Qevm8xomik0XsPfJOapUZAE2CWn7IUnUkU_Ko0HRGUGzBLqF3ocgvRDG_jxEkasayswXmj2cBFs-JcCZTSTVXNWdT2bdbcJqVBXb0mDC4fwIFNr7bx8k554Pxfm47t8d48dEiqw4HFW1---JWcOZ0o5lkS6DiXq7h5yHZ3NzBCLxsDu1_eeQ_TrlWjdDtqRpUtORqqAWg6fi0Ind4BfZiVJwoSmqOlJuUdwReYFI3-ZNSoMkKzdISDZmnf6P5LLrfZq3wFQERlyIsQf5mxRxGZGmYkIuQcashDOmsoQB7fwx97aAIln_8utRrUEHdYqgcCdy4YUrdVytTZnSMNC_OwNrWboJ2mGVqFOssUt-pMEdZYZpCLvZc771oeLHrr4GVsczmgSx7iXsWMQFdAkjJL1hZga-cGpMfJm2gnVWwRLh6E1EkXlMK0fKqXAYicAqmE2jVXt6k-sqnFz8uccE4seuo9dEF664ueOA0it355x0NUzR64CVkMxyErJd15SY9iP3Le4ePjCUGKVHVbczC5c7PznKLLExWOTB5IXWyOw7-bef5EoryMxVSo3dGYjbpK5Bz9tRXuKdoaWsYPDtxPW3SXkgTh2fe0ZY8C_BvSIRO2DU5fpv0zUHtJvEzidGdlP8Rh4Zb0hqA11Q3bd3nG4c27ZJjApkOd8s-dYiIde45LyuZrP31uDiml-QdbmJ649VQa-CfjFg_eSjSFuTEmY9AN8kfA9CmuciY_nsIEnMSjy_johP45daDlvSQZUgVhnJmGbWQJ1T&sai=AMfl-YSiWtNOdL3nnqufUo3h-sG_3hWDW7euEFRoDvH2YfaHtXEm9qqVhmoXbUqJDz81sYIjBRPnw49tMmHxZuNWHU299xe6ORzj1tX1jmnM-OyX9IK3KwjN3q6vNT3TtZHSWCdSQWvkYKRg3m__Zi-IQr6E_RFJGGxf6fnAzw_31-bNqUItLjPVm-xTcPUJRiwVlUSG3G-WGWOVtWaDe2xojG7xk56s0j2I8CoJYvMmlw9y4yiKiRUHx6X6H6i4kmqNCvMIC2RmDQDH4PBddc2RgvQ0KAbapouULYCt&sig=Cg0ArKJSzBVRdxJNYqmAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=311&cbvp=1&cstd=307&cisv=r20230620.51848&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2CD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

43 B
766 B

33ms
32ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQv4LBARik05rsATAB&v=APEucNWArWBkZm27tzmNX3AzW2uXjON1gZOZElTnvhx6DJgEqLzCfu95fRdI4l1GEwTX8yblARg0m6tqbWDWakwq4X3Z7QjircvDNOVEJjWaADrJLZqhlbxCOPeEY_6dZbZx6_m6WX-RzqYJjCMGOdM295a84Aq2VZ5VoFuHbeo00I4ek9-DK24aO3IOCBKm29n_ogoi1Ml8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2CD1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJNTE988aGjkSbfY1GtEaQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1

43 B
766 B

44ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQv4LBARik05rsATAB&v=APEucNWArWBkZm27tzmNX3AzW2uXjON1gZOZElTnvhx6DJgEqLzCfu95fRdI4l1GEwTX8yblARg0m6tqbWDWakwq4X3Z7QjircvDNOVEJjWaADrJLZqhlbxCOPeEY_6dZbZx6_m6WX-RzqYJjCMGOdM295a84Aq2VZ5VoFuHbeo00I4ek9-DK24aO3IOCBKm29n_ogoi1Ml8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHTpdG1bIsZ0NAVqjv4lmF0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2CD1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

43 B
1 KB

33ms
32ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJOlvQEQv4LBARik05rsATAB&v=APEucNWArWBkZm27tzmNX3AzW2uXjON1gZOZElTnvhx6DJgEqLzCfu95fRdI4l1GEwTX8yblARg0m6tqbWDWakwq4X3Z7QjircvDNOVEJjWaADrJLZqhlbxCOPeEY_6dZbZx6_m6WX-RzqYJjCMGOdM295a84Aq2VZ5VoFuHbeo00I4ek9-DK24aO3IOCBKm29n_ogoi1Ml8

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Jun 2023 19:44:20 GMT
AN-X-Request-Uuid: a7674cbb-49d4-47c2-9b23-d74144135bad
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDjw8GdKM0ct1MR1TB1rzLI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CD1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

170 B
188 B

71ms
70ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:44:20 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.32.248.248; 193.32.248.248; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6415c22a-b672-442d-ba02-c57c0dc734a4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI1NTE0NzcwNjAxNzc5ODMwNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 2C7E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=20014135396&bidurl=ht...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

42ms
42ms

Script
application/javascript

2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:21:31 GMT
x-amz-version-id: 6WocTuTK89qveTBkoZ2Yz1Xyh4dBYRY0
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 94970
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 20 Jun 2023 17:21:29 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: lSChno7_YNbxPb5_vDj8FNrSjHYB9QWRbXNfIUsL2KNO3vOyRCbTQg==

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame DA13 91 KB
23 KB 138ms
44ms Script
application/javascript 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23602084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: k5n_Zw17Gwnc8TKvNax2NnyewqHrQST6GtDCkpVBBOhN1kkHWtJ8fw==

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 0
20 B 95ms
94ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6992822499407&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 0
20 B 94ms
93ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6992822499407&version=m202301230201&ct=76&x=1&cor=3731352434064825300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 39CD 15 KB
11 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK75LLYTzNh8s0N5C9Ap9imVKTY5ydpl84sGriNGialtjWWrcpcI2e1--X21f3mEbPRBiFRkWEkWeKR77cCLFhu_u0TGsHxQv4SU95Y5tEQbCNGwrMS5Yd9qc0aEqVSi4lZpLB8w3D587EnF9P16tT1q8tHyppZe2G_1dYJyWWZumXYX0&cry=1&dbm_d=AKAmf-Dr0qffaG5pUdjPKJEdea42szw77qwzI4X6rp-w9R723Hq2L8H6SucsW295kb8ruRJ_w1SZcS6PziXjc1SIFLUo0I6TLo8WmaLQRbMSJHMb6aW8b55N0ivw6uncZ13jy9azHlQgMWzCLIpNYLth4rMuLtPj0OSh1Z-7QmFlf6PqPBDf6nEcaFQD9fKuO-PjZ5XFfUQHW980m8KsQM84r_wbNS-Nt9lEHM_a9dt3LRLgGib49NWBqSsqpPruMLN8QrhSH2n0oKeDm5iD4lqEqoZk3vEXcqO3G05mUC7XU7_pniLyNrwXcPnZl06uxnu0W-zB-6gb-1icGFkqmRLLkq6AFKgoR91yr0GeT13yUXszKsfqzFp9BeIw2lpo6MYw_l0_ghRV68eZ1rIH9qsIGuYzAH7vyLEfLAhj69VnMYe5TU9NY247amskYLCa--_rFD9Wf_Aw0mCoa39Iq3H1X-WLKwI_zwj26T5f_4LJbuX2VF6wzQW5cZDapHy-m3cQw6xgbtQLXgyAXKNSr-NiEpia4A7KDQbsYptENWqD0WP9qBZSGiWXjPac6TMciRHGYzlJRTdpcgO_SHYmqqoM1MYF37ydadaLIqixvHzgK6aAM9uJGhWu51VEbctH7djy3tBKF3k97Z-0MGxN0bdR2nlylAuJZReVw3tiQuD_hHN96Q0e2oKxSkiozd_mbmkCNuhOFZd3N_uTQAw_tRsgKQcQlmZ82tDw7yLUAWXtlLFUJjZ4kIowmxJKHDAmnQztJ_jhOK7mSK7fKfhfBMUTMebYilPgZOYLvm-73OgiOWIuOdfmjfCrIk2-GeFt4918bWZt3313Kqy5pfKJ6LFoKZt1dxnr4-7plhUb_9ufX4vh7M89wD5Fmi25JJbtpVY15cYtkjmtfTUUiEf0TR0PqYRFtKwUsS79Z1FbphyVYe2CGwnyPOa-qUwnFGD-rQ1euYhhErpOPwX5EoIFl5_TicT-r-2aQfcetOtL2_9EhecnIyRgpm29ChA4hZfdO9ZJzOCd2_O4BToOUzJanrNeeWsnlfhTFPs8CP12__z0q_eNwzr7_KeVivaTb9ahQqEiQC2jEOvx7NZzr4BW1awRbaVy6MzlwuDH8ruMcIiQH638ywUWP5fYVsHnI5w6LKWR4WPIb21WijP7rKD48m8agCbzJ5dV2STLmuXpt4IgxumfRvb-6Dv4hzG3vLlemI0_Utmkd1BMhJIa2PHkniygmGa0-1WYG_kx6c5kSOZSdRla8sn4OPZFvhNn9MAcDapKGec6pLqHgpMaJTfA5w9GqoFvdkBw6PaOqr0cfwCRKY1rPT33Pyo_yLLdAmL-b4BKsNQc2PqIpp7PNtqyx38DM-TrQXBB0vkFf_avQi2SNZkhMWS2U_qX74VMgESFpyrx74nKieqaF_PEiu1impdTyMtbBhfK5ViBeRtk7DEWU1gTwwfIesV2WpPgPamqBUy5Dt_g4Lq8QkUQ6wB_r6xt_hEqx3JNBqkdvAzIn5atmhg_PM9ZKgP9WB9ojYQOsViqed_5AlNNNxFVzA00Tr_wKncJ-4am3j3q-ipN6Gbt-TGYf8TrUVNVj9bZkaZBxJFi1vWEM_xwANc87Y-ZAKNj3LmBMibd_nbC6Uka0eALpBVNGN0PM24eEcSOokFRRSvHYyo1ghI6Qp85dvqRCGNOjfJNevqDtJzpHzL5B506ZLIASN-Z4kYIjAMB-a7qTbUABRoz4VzilkcPOacCGZ2LYkj_KJAJiPoG64Vo4r2kdVaj4aJyXEWqHRn_HMdfsBnndqGORYPX0lEezDjUdn91YUysW1fHQHJHGUa38X-8tRA8y823bOmIXCrkM4wCL1ZSA94w49ywqkj5skmcLzkn9dS42H75sddKy-J3tiDUYqi6dzJjBR67Qobyqi6ebKLxG8eefsn7l8xzVJfzDatz9KdPwKdmo_WSeRlTGpGB7fEmu_2Oh22q_NVuO1UpJ8QzV68l6gAm_nCoCSnYsjuzqnruShA28-32YHBtLDhYO6EMWdNcSqQa71SmxmwQwykds1j4sjHi8nsSe2mSzLZSxa-w0a4C8Ng4TOBiOQmpsRWuq3Vbmved62axGhKMOSBKkqNtlJbf_DRJSuPuqnMHc-9I1hE0guTJ4cjSuCmloOmqvnQUmcF9krsCLXEqe71StLmQKbo90NjUBSNRmnDgbQQa8eAb8YYt4W93uotB-3GxjB0S4Smb_K4p6CdWvc7SwY941Cg5q59sYDvDhBrNNBTJNYTULa0vlDYcQCjnF6G-D478P5jSmWyK4rgji1pX2DctD-gJ01LtshMHxe0VR5C8wXGW0GJYg2kNA3Hvs0qcIz54f6sEHgKnqSXju6wfaIP9YPkylSS4hSKWjuPK417s2275wDIjgInvOzOiZ_4mxnD5dUhfwgCARg-yuR56TTKQ8illoZNP4JI2s9wRWcYvYAV3_skTeLPTxoVX4gfP2QUeYKV5s8fcu4jXJHy16pus7d_EDIasvRmYKJuhGZsGE1FXnhfyEHadrRHeLtKaBXBiHbBa1b6Gfjf6gwjRXXGLgOybC9PaiBQxDVoyDcebh-wqTsc1ALKeehk-DtpOmlzQ6xjTtgKz6cbohxklUqVe_yci5qlsMDn6erM7wSRz0xjmhG_pj1dZNglf4q-CzP74J4_xmJWNsJUcwckBWmoo9Bsr0TzkOGYUHzIXFZs8ayZOXB31urEdm8ioUd0p0H6tyF0iSOJcptzupketWr9ZRWxb7ZjWhoJI-L7atE9bRkH9YNW5NN9_kgH8GJLr_vKqsJ0NHVDHFHfcOuuZ9rKDHlGWbHmpjIfT-sOe_nuzHqtLeWHNtbnvpp6hq8m5LTEeLzGQIPsMkQg4k6SBx4nJ25LYVMNuxo3_jKQbKdvF8QadJrYuCrpOKnGjsIeluIP8lkeOL5BIoQmPdNECyCfioZitYK5NoLB-X2nJu2s23wHPTLs1FiMTrPWjl-FHDbkbQmFlw-iyWHrziPq4dFAFUrIfKGc-woF_zSJGrAQYVUx2isgEbUEShnCIbe-dorMrw3hcvx4dhrkFt4T_5ZGcxZ_whtG-uPBMIzQaOCMToMO-wsZH12LfVT3BJ5M5eus_EIw&cid=CAQSSwBygQiDMl32H7r-qZopKVdwkgyUAya8ccQj1XQ0q22jOm-KEnHd5V8prh1vR3dnWDylj3bYtn-xBacL55b-QBeT8h8fbEvTodEK5RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=3731352434064825300&adk=2228999115&idt=148&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb3e1f3c644327568157cc6d5b75158841a4101887e0e22f9359dcd5f59ecaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4812 6 KB
3 KB 57ms
57ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 384D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdORGaOQPj4n5PTfqksF3o&google_cver=1

43 B
114 B

120ms
120ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdORGaOQPj4n5PTfqksF3o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAdORGaOQPj4n5PTfqksF3o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 384D 43 B
304 B 240ms
124ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 384D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEHtN1HVpC7y2g4S27CUsIwU&google_cver=1

23 B
163 B

58ms
57ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEHtN1HVpC7y2g4S27CUsIwU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 19:44:20 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEHtN1HVpC7y2g4S27CUsIwU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 384D 23 B
163 B 195ms
65ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNugkOkBMAE&v=APEucNUhB4ufDlSsG9WZVb3a-hSaLad6rWVjL3jCJ2JY4FLL0-CQnYK0S0A2RGLEMNdywPJ6ehcL3Y-T6f2CZ4KieAh-FadtABwuceHqz21HWqScAkrCDGbLK4GGwbSRqa1Uj94gay7y9Wr0AOzjen5q5M1iSDqB8EGHZs55Lz0OYT-q4yhTdD73EaONr8A0Csb1gemNXgOX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Wed, 21 Jun 2023 19:44:20 GMT
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C7E 43 B
215 B 581ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=9957c9e5-171b-6ed7-b70b-f811616929c7&tv=%7Bc:gcG2mZ,pingTime:-3,time:200,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:73%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:200,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:73,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B178~0%5D,as:%5B178~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvjb+11%7C12*.1431402-70901275%7C121%7C122%7C123%7C13%7C141%7C15%7C161%7C171,idMap:12*,rmeas:1,rend:0,renddet:DIV,siq:76%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C7E 43 B
215 B 699ms
256ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=9957c9e5-171b-6ed7-b70b-f811616929c7&tv=%7Bc:gcG2n3,pingTime:-6,time:204,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:204,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:73,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B181~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvjb+11%7C12*.1431402-70901275%7C121%7C122%7C123%7C13%7C141%7C15%7C161%7C171,idMap:12*,rmeas:1,rend:0,renddet:DIV,siq:76%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/ Frame C2A0 256 KB
0 137ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5040575257582014076/CbV_EX90_DE_970x250/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2488111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54976
last-modified: Sun, 17 Jan 2021 03:02:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6003a8bd-3ffb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2PnyfMClpLBe1FvMMgIbRm4%2Fn%2FbzsScKPVkSFiAHggAM%2F7gBhjAAQy7MVTfCQT6OjbeOOIOrwDDrt5EkCGcxdNvLJY6RwncW9TPzOowaLfuw1aBSNv95L8Gn1U7f5QhNAaAx6Qtr83LCm7%2FTNx46OJe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7daebedf4cee2bb8-FRA
expires: Mon, 10 Jun 2024 19:44:20 GMT

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DB3 37 KB
14 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA0 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=810243337530&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA0 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=810243337530&version=m202301230201&ct=76&x=1&cor=2612037504747888600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BCA0 89 KB
37 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYg7PmvSDf1omDiKQQFMBg8TNDmLuzVYghQqZVhTBd2An7VOzXdboLogWYq4egClWsL23kV_NMqpwR51iQQpmXhmpIYZQU_gmIHgFLfoB6tgwRGrMwUXAe4LmeWkvukunmHltieFkCtRfNx9zdIxQx6U77DNtbZHQm5LYDtBd5-uDeFlw&dbm_d=AKAmf-Dqy7NQ9yr46YxNCSk2K97z7S4irTHsq9gGz7PwoZgBCBkTlCTL9K61NLKwXPpJ-UnQcQSJq4N766Bx2ZfD2C0m4FpjoM6b6vFJxDYpJsnXFfb2IMvCY5kfa4JuiadJs4dJgD_ko_HRplowGe_GwYetQFoHtxFznBOVLofhFzw-Rok3SdRlTgYPReQN8xxAxMlCFneCG-LEBnjenaY8FM4F5B9N0wFTKp6JzZ9RiONJlNbYQH9XU59s3PifkDwVGpQvXAGUvFkG1QsAOli3h4IH4Q9XNHEK7vRlvu0joCSQCr2HBwEYpNYDaM52vTGNEca0Ca_6ZBDXg3EHtCOZE3UAcNV2vIyuGdcHC_f_QUDJjol0ZYViYa0qvhFEPYcbRdZaYGl2obViBmR6sGrFSaD-rSc0uqgQwFqWl74244UF-d6KksPEuTUZcVxh7kDsTr7W9UqWbtMcm7ynNj1FCgTfwfIUrOaQBO72mJz5c33OV_bL1CKlJgMQb4UEZXT5UETha4k43kMtAFdqpvJNCIosO1-aIHGxuLmGmCb_GS3vtsDYpHbxFvX_j5c2nM62xv3dKaaffouz1h8Rj9yi7nEeOnSPZ2ToxIYFbV71eZeHEOECua99d72d3782H2jAB7zoqzHPKwfHVPyzYVms131aCKnM0O3mBOqWhCItLvOVl9vdlBpggRd7oYpiU8k_wB7V_EBlRt1JCA7DPQeXFNnDhAmyPEJCxXxyZ6f8rkaC7V9pJZcKTxW31VJSjmRKGrY9EjjBSbuAFcEHpPugunbfrEPSsDuVHzNmRuJ9W01x5-K9HH5qOPyHwOWIpMzTcyImLe2DASOIDLJEofiGD6Wq3D9_573y1t-It3EQoLv5pCZv5dodT9TrpAtbf_cNY2n2bSbAy-aPftO2X-dBHULU6BiS1YkuIY3sIaUzDYvwE69dWIZGSp4R7gPp03VT93TsNCtzheUugTgh7_rrmZTaheVunnoeFgcj3LupH2m74FLsoHeekUaA7wkvrRLXwOn-y7Kz1tbu8BipkZidOyA29kaEJ5j4vujEhi79tolFE1xTxalrO4hOaKVgnw79f8rNhoB9NWbw5zRDd7F09XZUA_SZrHSabATd6GhmvK82EIKT4kEWe0pHxIoS4jR5YpHFKdgHDeMpUIJdTiXFhxirOKOkUvvDfKxw1r3mAlmcF9Yb6_Rugibx6K7wXf5z52wL63pBJR0iqZygV2wessDJfWWVildwTjTln2NqjKFHd72s6pGlUkyMPUsZ43r7ifz-nskcLZR2RPQGYezAra3ViJHeB4aV5hDNyQ6CXQ4FH4lYLnoZ0tjkgKaHBac5IHsGQOmEUjF_8zE3Qe8Vd-gpUXu98q0luscwkq1PDZOJ5Y_S_z_lzstmUQK_eTpfjJLo6crkPypP0ozr9gzXWV5alVwmQG_vbvcSrmhMOYYE7MVC1NWLAerHXAa-ChcwpH9l2PYhdsy-SNUvE7IzuVh2Gx0YMdByP-mIdtvULJb7y0Xm9kOIscz9YjqrqzHpqyZSDKBb0plQxc_TVQwqZhxJfSG7icGZgWGuelkWHE01XTf5kksl_76HoTzxPPt0ClT8-GHBYnVbNAo4kmscL6Tj79wyk-gk_EM0abAUwTiImjvAHy_dEVDiYm9GeaBShjD0M71pqJQgptwD2NhyFfHuejlFHpq19cfNWxhAtlXM4EUtJ24XPO9T3_lQaoPK-JMWnvcsYmHvCEO3Ruasdxi-Jit8BptcbUZzQb3pGYOITbssfR3k-xaKqi2NoSSCCpysehBlXUKt9dN6zFjG7OFqzAS9XN_lvmdXEF8ZJHU_8_LM-NIinxpGhsUX7rLsgyzFz0WSKdnaJdAaOg2ZdbY_P4jtrpBHIcBhd7sF1R7692Ypw6uq8ww_4dQVB01KUQL0UODByss0RLXbdqT78R35kZGAWuSeUN5TIuFE5V8KnGswYEreVU-lS8qNWTGcRpYdqL83o9ZakNs1sHbfMdyLwj08s7ezESBsR7pEXbv9sD8Xb9JvNXMx8lLirM5DgKn27sfokRIJKXRbuga2HXRWKJumEGgqLMcqnaWc59jJsRl3KqLFpdRg3W6jtKuA17_QJccc5Fxbl84f2G8GoobZRsKiFUtY7tgguOQdEC4VJcs7nILWHjOh5QRf4cC3d06hhhdGrvwRTBJOstUJQI1CUC-QM5pnLtOnDbB7DW8sIq-gfE0utJkFhFvGjCspQikpVqJeffjLw0l6FZQSYyY-GuEsszLJiWTaoC1Dqmwxh-ESknDcBawPITPcizzHcRlM2W95xuxX_wIaRWGgAQ8rPIkjE7RfH5X3RQGHI8qv9uol0qNtslg05UwvEHRF-wPK8sdhfdFE6gOgOO7BwXNWPi7K3mXDO42ow-EkSA3XNoxXgtpIjuxQXh6s7SgXiKLgi2E7BxLrmpb32hNMu8z1ew9lxdWmEggNutYhm9BFApY-Fk_SAt99mGk079mO4TwIP12HvpfokcqqPGHXq9xbotO2ZkaKuFo-6EiU96M7hp956b_riau4B2lRglsA8mrtaibiefPp_1ITvvv58fXhhtvVkC-2szB2jpjsdGeQk626Ther7pM1mqhcMCEKJfiavd4gFgJTpQRw1pcd4Vo8ysBb5Yr0tkECBYfn6tU5zZhtI_kpdvzRZvmvRmaPxqs7FM0BVGGxXELRwTugERX1RH8Rp8XwNRUnxe2vZHic5pF3zraIy0-J5g4vSOHRlagiGHeenSez-l4Gir-DcZ2V8NTCCIG6_6kfIiS9jRD5g_odPwxEU3PjjVaREeU5jeh7aFfHYZv1cPLjl_UuPCwc3FddsXTGNGCjChHbsefIBfrOYu2RpWJX3bZNvb9H_817yHDUhTe8htqGvzoJ0eHKRXI3YTH57McsEQHCNtCSERddTAKGLMhixIjWzbbogh_UBJTnCqN3-CGcVn1HI6vIKpF81X6uWqmS2t8NBKqVUKjVYD6PTOu4laNyA6z9B67_zIWZ4zir7s0omPPRVeu4P-cqsbwGxw_21EFPF2Dl4u8LVBCHU3YAWkLJ40YUBakRz9UH3UrJRGeiEf3lB1L66BjeY2fw9umF7XmyqH8yz565IgQEOKTPjhOjzDFHfjtKlIhALOoBP60FYz33nP6SOCheWs_iAUnYE1JQE8wH0SSwu33HKu75yqn-6YdA6Is-OhCn2IriusLbr8OX3uiNe0DsVc1WOouDNhI_eg5sSZCvwJ7d-PncRO7ZhhbgnvPMhBhaFwXcGTKz89VlIUJY7gaCklvfKPoYrXFsaxi5ZbzF3bTbnIALytPLeoISwoLQP_-jQdTqxB8FgUc6jaGgQzOPoERBHLUtAh2KD6hRGcVjeS05EUlV6LgFlUU7tPRf3Ca46P11JlbzHs9VIw7LK2cQWyTlza7QXE_i05Sd4m7e-rGoBQHoAY9KB4Ecg7ijCEGSEkOhTssuYXnamweqdCRzZwYlBO3Hp1-aXb55KgXnNp2jMCWvENO4oa7ND2HeZ2AqBSB55uMpnXTBz555xb9giFwhZhw7E8GTcoM5IywEY8IGHjC3xezA3ZXngPTtuWrZU5yumU147QG6ggaKOPZUnzC1GdStloT2GW5NVSE4VBgHBrhGPCIYtWC3Uyfe3PXJomqHwsCBvKXKa75OvI_oCNroqh4nl3gXyRk-wjerrEBDIOX2XzcsMDM83M0YGMikY4id7ovoq462SIM1DDDZRaMAgl5ysbZ_ZPC4uGZw-188a0v4g946sE1v0y1VK1b-85d3tjb914sqUWJxOGDyfbaDYHbgqW8GMGWnAfxmROs&cid=CAQSSwBygQiDyg92xQah2kozPVojg38GI2zn33NaunNcaxwAFXEYLyqlXXC0eYJPJi6VElHZWBTu4Nr14r4WgAb1bj_Kp3Co7HRri1BlkBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=2612037504747888600&adk=3047537735&idt=149&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b2599c7408f672895dac31c17dbd28b97e2a893a9e08355beab0484d06fd2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C7E 43 B
215 B 529ms
131ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=9957c9e5-171b-6ed7-b70b-f811616929c7&tv=%7Bc:gcG2nP,pingTime:-2,time:252,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:967,beZ:981,mfA:984,cmA:986,inA:987,inZ:993,prA:993,prZ:1032,si:1041,poA:1044,poZ:1076,cmZ:1076,mfZ:1076,loA:1170,loZ:1174,ltA:1219,ltZ:1219%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:73%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:252,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:73,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B229~0%5D,as:%5B229~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvjb+11%7C12*.1431402-70901275%7C121%7C122%7C123%7C13%7C141%7C15%7C161%7C171,idMap:12*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:76,sinceFw:175,readyFired:true%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 container.html Show response
98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 129A 6 KB
3 KB 69ms
61ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:18 GMT
expires: Thu, 20 Jun 2024 19:44:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 39CD 41 KB
15 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AK75LLYTzNh8s0N5C9Ap9imVKTY5ydpl84sGriNGialtjWWrcpcI2e1--X21f3mEbPRBiFRkWEkWeKR77cCLFhu_u0TGsHxQv4SU95Y5tEQbCNGwrMS5Yd9qc0aEqVSi4lZpLB8w3D587EnF9P16tT1q8tHyppZe2G_1dYJyWWZumXYX0&cry=1&dbm_d=AKAmf-Dr0qffaG5pUdjPKJEdea42szw77qwzI4X6rp-w9R723Hq2L8H6SucsW295kb8ruRJ_w1SZcS6PziXjc1SIFLUo0I6TLo8WmaLQRbMSJHMb6aW8b55N0ivw6uncZ13jy9azHlQgMWzCLIpNYLth4rMuLtPj0OSh1Z-7QmFlf6PqPBDf6nEcaFQD9fKuO-PjZ5XFfUQHW980m8KsQM84r_wbNS-Nt9lEHM_a9dt3LRLgGib49NWBqSsqpPruMLN8QrhSH2n0oKeDm5iD4lqEqoZk3vEXcqO3G05mUC7XU7_pniLyNrwXcPnZl06uxnu0W-zB-6gb-1icGFkqmRLLkq6AFKgoR91yr0GeT13yUXszKsfqzFp9BeIw2lpo6MYw_l0_ghRV68eZ1rIH9qsIGuYzAH7vyLEfLAhj69VnMYe5TU9NY247amskYLCa--_rFD9Wf_Aw0mCoa39Iq3H1X-WLKwI_zwj26T5f_4LJbuX2VF6wzQW5cZDapHy-m3cQw6xgbtQLXgyAXKNSr-NiEpia4A7KDQbsYptENWqD0WP9qBZSGiWXjPac6TMciRHGYzlJRTdpcgO_SHYmqqoM1MYF37ydadaLIqixvHzgK6aAM9uJGhWu51VEbctH7djy3tBKF3k97Z-0MGxN0bdR2nlylAuJZReVw3tiQuD_hHN96Q0e2oKxSkiozd_mbmkCNuhOFZd3N_uTQAw_tRsgKQcQlmZ82tDw7yLUAWXtlLFUJjZ4kIowmxJKHDAmnQztJ_jhOK7mSK7fKfhfBMUTMebYilPgZOYLvm-73OgiOWIuOdfmjfCrIk2-GeFt4918bWZt3313Kqy5pfKJ6LFoKZt1dxnr4-7plhUb_9ufX4vh7M89wD5Fmi25JJbtpVY15cYtkjmtfTUUiEf0TR0PqYRFtKwUsS79Z1FbphyVYe2CGwnyPOa-qUwnFGD-rQ1euYhhErpOPwX5EoIFl5_TicT-r-2aQfcetOtL2_9EhecnIyRgpm29ChA4hZfdO9ZJzOCd2_O4BToOUzJanrNeeWsnlfhTFPs8CP12__z0q_eNwzr7_KeVivaTb9ahQqEiQC2jEOvx7NZzr4BW1awRbaVy6MzlwuDH8ruMcIiQH638ywUWP5fYVsHnI5w6LKWR4WPIb21WijP7rKD48m8agCbzJ5dV2STLmuXpt4IgxumfRvb-6Dv4hzG3vLlemI0_Utmkd1BMhJIa2PHkniygmGa0-1WYG_kx6c5kSOZSdRla8sn4OPZFvhNn9MAcDapKGec6pLqHgpMaJTfA5w9GqoFvdkBw6PaOqr0cfwCRKY1rPT33Pyo_yLLdAmL-b4BKsNQc2PqIpp7PNtqyx38DM-TrQXBB0vkFf_avQi2SNZkhMWS2U_qX74VMgESFpyrx74nKieqaF_PEiu1impdTyMtbBhfK5ViBeRtk7DEWU1gTwwfIesV2WpPgPamqBUy5Dt_g4Lq8QkUQ6wB_r6xt_hEqx3JNBqkdvAzIn5atmhg_PM9ZKgP9WB9ojYQOsViqed_5AlNNNxFVzA00Tr_wKncJ-4am3j3q-ipN6Gbt-TGYf8TrUVNVj9bZkaZBxJFi1vWEM_xwANc87Y-ZAKNj3LmBMibd_nbC6Uka0eALpBVNGN0PM24eEcSOokFRRSvHYyo1ghI6Qp85dvqRCGNOjfJNevqDtJzpHzL5B506ZLIASN-Z4kYIjAMB-a7qTbUABRoz4VzilkcPOacCGZ2LYkj_KJAJiPoG64Vo4r2kdVaj4aJyXEWqHRn_HMdfsBnndqGORYPX0lEezDjUdn91YUysW1fHQHJHGUa38X-8tRA8y823bOmIXCrkM4wCL1ZSA94w49ywqkj5skmcLzkn9dS42H75sddKy-J3tiDUYqi6dzJjBR67Qobyqi6ebKLxG8eefsn7l8xzVJfzDatz9KdPwKdmo_WSeRlTGpGB7fEmu_2Oh22q_NVuO1UpJ8QzV68l6gAm_nCoCSnYsjuzqnruShA28-32YHBtLDhYO6EMWdNcSqQa71SmxmwQwykds1j4sjHi8nsSe2mSzLZSxa-w0a4C8Ng4TOBiOQmpsRWuq3Vbmved62axGhKMOSBKkqNtlJbf_DRJSuPuqnMHc-9I1hE0guTJ4cjSuCmloOmqvnQUmcF9krsCLXEqe71StLmQKbo90NjUBSNRmnDgbQQa8eAb8YYt4W93uotB-3GxjB0S4Smb_K4p6CdWvc7SwY941Cg5q59sYDvDhBrNNBTJNYTULa0vlDYcQCjnF6G-D478P5jSmWyK4rgji1pX2DctD-gJ01LtshMHxe0VR5C8wXGW0GJYg2kNA3Hvs0qcIz54f6sEHgKnqSXju6wfaIP9YPkylSS4hSKWjuPK417s2275wDIjgInvOzOiZ_4mxnD5dUhfwgCARg-yuR56TTKQ8illoZNP4JI2s9wRWcYvYAV3_skTeLPTxoVX4gfP2QUeYKV5s8fcu4jXJHy16pus7d_EDIasvRmYKJuhGZsGE1FXnhfyEHadrRHeLtKaBXBiHbBa1b6Gfjf6gwjRXXGLgOybC9PaiBQxDVoyDcebh-wqTsc1ALKeehk-DtpOmlzQ6xjTtgKz6cbohxklUqVe_yci5qlsMDn6erM7wSRz0xjmhG_pj1dZNglf4q-CzP74J4_xmJWNsJUcwckBWmoo9Bsr0TzkOGYUHzIXFZs8ayZOXB31urEdm8ioUd0p0H6tyF0iSOJcptzupketWr9ZRWxb7ZjWhoJI-L7atE9bRkH9YNW5NN9_kgH8GJLr_vKqsJ0NHVDHFHfcOuuZ9rKDHlGWbHmpjIfT-sOe_nuzHqtLeWHNtbnvpp6hq8m5LTEeLzGQIPsMkQg4k6SBx4nJ25LYVMNuxo3_jKQbKdvF8QadJrYuCrpOKnGjsIeluIP8lkeOL5BIoQmPdNECyCfioZitYK5NoLB-X2nJu2s23wHPTLs1FiMTrPWjl-FHDbkbQmFlw-iyWHrziPq4dFAFUrIfKGc-woF_zSJGrAQYVUx2isgEbUEShnCIbe-dorMrw3hcvx4dhrkFt4T_5ZGcxZ_whtG-uPBMIzQaOCMToMO-wsZH12LfVT3BJ5M5eus_EIw&cid=CAQSSwBygQiDMl32H7r-qZopKVdwkgyUAya8ccQj1XQ0q22jOm-KEnHd5V8prh1vR3dnWDylj3bYtn-xBacL55b-QBeT8h8fbEvTodEK5RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=3731352434064825300&adk=2228999115&idt=148&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4812 4 KB
1 KB 373ms
63ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:40:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EC18 14 KB
1 KB 337ms
64ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 19:36:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EC18 2 KB
892 B 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:22:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame EC18 22 KB
9 KB 64ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:49:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF48 143 B
166 B 66ms
57ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 18:55:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EC18 3 KB
1 KB 97ms
90ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame EC18 19 KB
8 KB 66ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC18 178 KB
56 KB 122ms
112ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame EC18 33 KB
14 KB 310ms
55ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:26:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 4812 23 KB
9 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:50:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86060
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Jul 2023 19:50:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4812 205 B
519 B 315ms
69ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 10:54:41 GMT
x-content-type-options: nosniff
age: 31779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Jun 2024 10:54:41 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4812 604 B
718 B 315ms
70ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:30:44 GMT
x-content-type-options: nosniff
age: 94416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jun 2024 17:30:44 GMT

GET
H2

200

passback_160x600.js Show response
static.adsafeprotected.com/ Frame 39CD
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1316115/71738579/xbbe/creative/adj?p=APEucNWy33QpoBKMg8wisveLpI8BY0xlwURr7Z8p-seuNdqQsl3uxj8&d=CokBAKAmf-Ab0VXXUMNgUR8ngurxlKf_5SoTJF_ZuU4hqa6rSCr_kqQMdG74aRs...
https://static.adsafeprotected.com/passback_160x600.js

3 KB
2 KB

39ms
38ms

Script
application/javascript

2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_160x600.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
date: Wed, 21 Jun 2023 04:51:24 GMT
x-amz-cf-pop: MXP63-P1
age: 530460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:36 GMT
server: AmazonS3
etag: W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: HRnOkRn4CchIjK_CyQmr7ZVQz6pBaZubzERMO1XRm20dNbWKHLs30Q==

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0EA2 91 KB
23 KB 44ms
43ms Script
application/javascript 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23602084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 3Hrm_DjEhYj1DedUba-aGm3d_A3MzcszcFYaro9CEaghq1VJJivmvw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 208ms
133ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2t1,pingTime:0,time:130,type:c,im:%7BpBlk:102%7D,env:%7Bnr_rHRbA1:0%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvql+11%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C1811%7C19,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:63,metricId:rHRbA1,cmr:t%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
216 B 206ms
131ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2t2,pingTime:-3,time:131,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:131,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B121~0%5D,as:%5B121~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvql+11%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C1811%7C19,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:63%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 329ms
256ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2t3,pingTime:-6,time:132,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B122~0%5D,as:%5B122~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvql+11%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C1811%7C19,idMap:16*,rmeas:1,rend:0,renddet:IMG.us,siq:63%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BCA0 111 KB
39 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Origin: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame BCA0 11 KB
4 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYg7PmvSDf1omDiKQQFMBg8TNDmLuzVYghQqZVhTBd2An7VOzXdboLogWYq4egClWsL23kV_NMqpwR51iQQpmXhmpIYZQU_gmIHgFLfoB6tgwRGrMwUXAe4LmeWkvukunmHltieFkCtRfNx9zdIxQx6U77DNtbZHQm5LYDtBd5-uDeFlw&dbm_d=AKAmf-Dqy7NQ9yr46YxNCSk2K97z7S4irTHsq9gGz7PwoZgBCBkTlCTL9K61NLKwXPpJ-UnQcQSJq4N766Bx2ZfD2C0m4FpjoM6b6vFJxDYpJsnXFfb2IMvCY5kfa4JuiadJs4dJgD_ko_HRplowGe_GwYetQFoHtxFznBOVLofhFzw-Rok3SdRlTgYPReQN8xxAxMlCFneCG-LEBnjenaY8FM4F5B9N0wFTKp6JzZ9RiONJlNbYQH9XU59s3PifkDwVGpQvXAGUvFkG1QsAOli3h4IH4Q9XNHEK7vRlvu0joCSQCr2HBwEYpNYDaM52vTGNEca0Ca_6ZBDXg3EHtCOZE3UAcNV2vIyuGdcHC_f_QUDJjol0ZYViYa0qvhFEPYcbRdZaYGl2obViBmR6sGrFSaD-rSc0uqgQwFqWl74244UF-d6KksPEuTUZcVxh7kDsTr7W9UqWbtMcm7ynNj1FCgTfwfIUrOaQBO72mJz5c33OV_bL1CKlJgMQb4UEZXT5UETha4k43kMtAFdqpvJNCIosO1-aIHGxuLmGmCb_GS3vtsDYpHbxFvX_j5c2nM62xv3dKaaffouz1h8Rj9yi7nEeOnSPZ2ToxIYFbV71eZeHEOECua99d72d3782H2jAB7zoqzHPKwfHVPyzYVms131aCKnM0O3mBOqWhCItLvOVl9vdlBpggRd7oYpiU8k_wB7V_EBlRt1JCA7DPQeXFNnDhAmyPEJCxXxyZ6f8rkaC7V9pJZcKTxW31VJSjmRKGrY9EjjBSbuAFcEHpPugunbfrEPSsDuVHzNmRuJ9W01x5-K9HH5qOPyHwOWIpMzTcyImLe2DASOIDLJEofiGD6Wq3D9_573y1t-It3EQoLv5pCZv5dodT9TrpAtbf_cNY2n2bSbAy-aPftO2X-dBHULU6BiS1YkuIY3sIaUzDYvwE69dWIZGSp4R7gPp03VT93TsNCtzheUugTgh7_rrmZTaheVunnoeFgcj3LupH2m74FLsoHeekUaA7wkvrRLXwOn-y7Kz1tbu8BipkZidOyA29kaEJ5j4vujEhi79tolFE1xTxalrO4hOaKVgnw79f8rNhoB9NWbw5zRDd7F09XZUA_SZrHSabATd6GhmvK82EIKT4kEWe0pHxIoS4jR5YpHFKdgHDeMpUIJdTiXFhxirOKOkUvvDfKxw1r3mAlmcF9Yb6_Rugibx6K7wXf5z52wL63pBJR0iqZygV2wessDJfWWVildwTjTln2NqjKFHd72s6pGlUkyMPUsZ43r7ifz-nskcLZR2RPQGYezAra3ViJHeB4aV5hDNyQ6CXQ4FH4lYLnoZ0tjkgKaHBac5IHsGQOmEUjF_8zE3Qe8Vd-gpUXu98q0luscwkq1PDZOJ5Y_S_z_lzstmUQK_eTpfjJLo6crkPypP0ozr9gzXWV5alVwmQG_vbvcSrmhMOYYE7MVC1NWLAerHXAa-ChcwpH9l2PYhdsy-SNUvE7IzuVh2Gx0YMdByP-mIdtvULJb7y0Xm9kOIscz9YjqrqzHpqyZSDKBb0plQxc_TVQwqZhxJfSG7icGZgWGuelkWHE01XTf5kksl_76HoTzxPPt0ClT8-GHBYnVbNAo4kmscL6Tj79wyk-gk_EM0abAUwTiImjvAHy_dEVDiYm9GeaBShjD0M71pqJQgptwD2NhyFfHuejlFHpq19cfNWxhAtlXM4EUtJ24XPO9T3_lQaoPK-JMWnvcsYmHvCEO3Ruasdxi-Jit8BptcbUZzQb3pGYOITbssfR3k-xaKqi2NoSSCCpysehBlXUKt9dN6zFjG7OFqzAS9XN_lvmdXEF8ZJHU_8_LM-NIinxpGhsUX7rLsgyzFz0WSKdnaJdAaOg2ZdbY_P4jtrpBHIcBhd7sF1R7692Ypw6uq8ww_4dQVB01KUQL0UODByss0RLXbdqT78R35kZGAWuSeUN5TIuFE5V8KnGswYEreVU-lS8qNWTGcRpYdqL83o9ZakNs1sHbfMdyLwj08s7ezESBsR7pEXbv9sD8Xb9JvNXMx8lLirM5DgKn27sfokRIJKXRbuga2HXRWKJumEGgqLMcqnaWc59jJsRl3KqLFpdRg3W6jtKuA17_QJccc5Fxbl84f2G8GoobZRsKiFUtY7tgguOQdEC4VJcs7nILWHjOh5QRf4cC3d06hhhdGrvwRTBJOstUJQI1CUC-QM5pnLtOnDbB7DW8sIq-gfE0utJkFhFvGjCspQikpVqJeffjLw0l6FZQSYyY-GuEsszLJiWTaoC1Dqmwxh-ESknDcBawPITPcizzHcRlM2W95xuxX_wIaRWGgAQ8rPIkjE7RfH5X3RQGHI8qv9uol0qNtslg05UwvEHRF-wPK8sdhfdFE6gOgOO7BwXNWPi7K3mXDO42ow-EkSA3XNoxXgtpIjuxQXh6s7SgXiKLgi2E7BxLrmpb32hNMu8z1ew9lxdWmEggNutYhm9BFApY-Fk_SAt99mGk079mO4TwIP12HvpfokcqqPGHXq9xbotO2ZkaKuFo-6EiU96M7hp956b_riau4B2lRglsA8mrtaibiefPp_1ITvvv58fXhhtvVkC-2szB2jpjsdGeQk626Ther7pM1mqhcMCEKJfiavd4gFgJTpQRw1pcd4Vo8ysBb5Yr0tkECBYfn6tU5zZhtI_kpdvzRZvmvRmaPxqs7FM0BVGGxXELRwTugERX1RH8Rp8XwNRUnxe2vZHic5pF3zraIy0-J5g4vSOHRlagiGHeenSez-l4Gir-DcZ2V8NTCCIG6_6kfIiS9jRD5g_odPwxEU3PjjVaREeU5jeh7aFfHYZv1cPLjl_UuPCwc3FddsXTGNGCjChHbsefIBfrOYu2RpWJX3bZNvb9H_817yHDUhTe8htqGvzoJ0eHKRXI3YTH57McsEQHCNtCSERddTAKGLMhixIjWzbbogh_UBJTnCqN3-CGcVn1HI6vIKpF81X6uWqmS2t8NBKqVUKjVYD6PTOu4laNyA6z9B67_zIWZ4zir7s0omPPRVeu4P-cqsbwGxw_21EFPF2Dl4u8LVBCHU3YAWkLJ40YUBakRz9UH3UrJRGeiEf3lB1L66BjeY2fw9umF7XmyqH8yz565IgQEOKTPjhOjzDFHfjtKlIhALOoBP60FYz33nP6SOCheWs_iAUnYE1JQE8wH0SSwu33HKu75yqn-6YdA6Is-OhCn2IriusLbr8OX3uiNe0DsVc1WOouDNhI_eg5sSZCvwJ7d-PncRO7ZhhbgnvPMhBhaFwXcGTKz89VlIUJY7gaCklvfKPoYrXFsaxi5ZbzF3bTbnIALytPLeoISwoLQP_-jQdTqxB8FgUc6jaGgQzOPoERBHLUtAh2KD6hRGcVjeS05EUlV6LgFlUU7tPRf3Ca46P11JlbzHs9VIw7LK2cQWyTlza7QXE_i05Sd4m7e-rGoBQHoAY9KB4Ecg7ijCEGSEkOhTssuYXnamweqdCRzZwYlBO3Hp1-aXb55KgXnNp2jMCWvENO4oa7ND2HeZ2AqBSB55uMpnXTBz555xb9giFwhZhw7E8GTcoM5IywEY8IGHjC3xezA3ZXngPTtuWrZU5yumU147QG6ggaKOPZUnzC1GdStloT2GW5NVSE4VBgHBrhGPCIYtWC3Uyfe3PXJomqHwsCBvKXKa75OvI_oCNroqh4nl3gXyRk-wjerrEBDIOX2XzcsMDM83M0YGMikY4id7ovoq462SIM1DDDZRaMAgl5ysbZ_ZPC4uGZw-188a0v4g946sE1v0y1VK1b-85d3tjb914sqUWJxOGDyfbaDYHbgqW8GMGWnAfxmROs&cid=CAQSSwBygQiDyg92xQah2kozPVojg38GI2zn33NaunNcaxwAFXEYLyqlXXC0eYJPJi6VElHZWBTu4Nr14r4WgAb1bj_Kp3Co7HRri1BlkBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=2612037504747888600&adk=3047537735&idt=149&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame BCA0 30 KB
11 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BCA0 41 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DE1E 466 B
235 B 108ms
100ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWWWU28HPLTb_LeVQOP73_hyb62TwvRahDtTRD97NyxNmUYGkJZ70f1HCK518h4IVHglronebeD8I9nsA5yQuE6ADY0DEYmldTgrJr5xlMa6XO4m-ceGCXHF0K89XhXwp1FPuVoWq5AVs0ZDnmdKOwDTqCVf3sJb8xvZmR7cS0v4iWFry6c8Ox3L79Miybs9gGd2NIi

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 129A 78 KB
27 KB 151ms
150ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 129A 42 B
63 B 92ms
91ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BW8V4vJLY8dinQorI32xZq1UvJuRtKiprwRHt_my9KG_rkajSQf81ARfM3yBI4elC_9SN0JwcRX4Ym1ucZehGkdWHIum9jV1-KwRvHASyvDaWhYkc

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 129A 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17938660863957225544&x=1&ct=76

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 129A 3 KB
1 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 18:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3360
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:48:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 129A 19 KB
8 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:19:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 129A 0
0 69ms
68ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlFh5btxfToDFdMWYfm0smOtZ1tvikhcke4hyNVV0UQNKa2wGeVxGCIeZx-US45iJaVJutE3iRFN2onDkmUAty86DDwg
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 129A 178 KB
56 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57058
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687274360908795"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:20 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C7E 0
26 B 202ms
93ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsviRRLsCIdKUwu9yaazUltqHU0fh0pW7kDleQsvfwuQ7cU8dnzRytMqI_8uaLCGqQNgXauVnJUHdgXRKUdD4IZqCP_kS2kc31u8AhjWlnY4KP1wbKanmc366X-MCe6sQ7_WmirPTfSRAbvY2oj7KgOJDJtj9t_ieiZll56cM65mdX_V&sai=AMfl-YSnIYHrpLxgsP-2aVnhMjtP5lttJwMw2T2WzPh1PYPvuJgVD_MXB1UZS7hM1HG4gZkvgqkzSrUIStTcKNg7atZKDpJlmO6nwCwsn8czyx8pYjqohg2Sk2IJd1rL0Qk&sig=Cg0ArKJSzBf5FnXJecGgEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 161ms
133ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2tN,pingTime:-2,time:178,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:848,beZ:849,mfA:853,cmA:855,inA:855,inZ:861,prA:861,prZ:903,si:910,poA:912,bl:950,poZ:950,cmZ:950,mfZ:950,loA:979,loZ:982,ltA:1025,ltZ:1025%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:178,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B168~0%5D,as:%5B168~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C1811%7C19,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:63,sinceFw:112,readyFired:false%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame BCA0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a88612c30065167e44811cfd5d60805d6679a2cb4efbaf1c0b66d658195bd7ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 68FA 22 KB
8 KB 57ms
57ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 passback_970x250.js Show response
static.adsafeprotected.com/ Frame FBB9 3 KB
2 KB 38ms
38ms Script
application/javascript 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_970x250.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: .AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
date: Wed, 21 Jun 2023 14:15:07 GMT
x-amz-cf-pop: MXP63-P1
age: 19757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:56 GMT
server: AmazonS3
etag: W/"094948b2d1170876fb8e76e432d87da6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: wiE_dRHZ3Jyp-NTxQvvnF8H21Y3WRqbUYcMUAzHDqMrlm2Y65d8bMA==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14271075340965742532/ Frame E138 12 KB
4 KB 58ms
57ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d7134c0e26c077d8c5b6a60a737e8a44bd139902d23cec1d43ea2537a9d369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 135669
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4309
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 06:03:11 GMT
expires: Wed, 19 Jun 2024 06:03:11 GMT
last-modified: Thu, 01 Jun 2023 08:39:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCA0 0
0 106ms
100ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVKsHC6wmuSnTA33rBROI_vzTf71DrYcPiS9wJLTcvXikvcdDlrTxhqBvMqZ-9tm66obrjqC1pUV2nFCmgJLUEYbhLLSlZ2I2_KSJKAQOrkCNpGkS0Sw2u6qjjUGmsmVe-OtJIPMtuUODnR-Nu5Odcl68GdAwx0Utpm0aeTZ6nZFnYzA_JxNS4GLb5lNGw76zZ1eAX5BAaX0B3Y2QKWeby_Cmxhh6mVNJ-TzhzV_pijCp3sXkWpkvbcyTZwAQVLpVfDkVNUZU2xPheh9-LwcqH4IlYeFKTIJoQqeortXHLb3nxIBBoACpZrvVNVSPX-is4dJ6VVOJ63AuG_N1vjdvgWrHW455T-Mh9fTiw_idOmdB5tCWe9aDd1F-otJ2xmrFREYZ-BOY1MGou7NrRV90SrWO9a7XOYPiWpoSQM-SXwzShddFx6iJ804JldU4awCkitXCyw4qAAdR_6UVXXlCFqf8cZxzGrv_n5VFaX9n1HyvJ8wh2p4zfWTla9GEXkodFjMAN3GoHa0hzf1aPX5nOWFjNyPsBEDGO67Yc5UX1vVoPTFmYeTS42evbjm4IcCFhj7t_zjoaR21wdrfFOB7_CvXp-euQcKaPK3koyuJQQ0FHARYB13pJE8Q02-rhEyE5UmNlUHmpt0XA2fFg71TfBX8Y_EINEntLvK541VZJM8dZrrBuytxiO5QAIYVKiISmc_Jr2B3rvCbeax_yxxLNz8FSWCsYzPwGQdVjcqTu4m6A3wPlHYMUlTCYlN75L0-qyC0GquybU9idLGac-OfY9YjUlzpnWUz6IyE_4uawGF9C_Tt-djUXnVK4jzuSmJhXyRYr6cP63j7tpilvSOkZ1ijIsW4wC4k3cZMGLqdiDftFPQUDydkFDyJcpZEu80d8UJ6BJITNBvVc531d_AA6CVnQkSuK12_nnxQraCaG0Dd96YfpYlVxUouUTwnQU_EFXGQ1lJU8-R2hZsvs-32KTwN2hxF0-DDwxGE4Uc6uK3-oKYA9hMY5XYLOzsB1l4HiMk2NvZ1hFgN-KOVpca_8eqCR8zvX3bCho7sXNjadFL6bUlOOQK4WTC2JPW_Un4KQsYuJPVj96dfy5XA9YfeJNFfAGrVo-UbJUAhiWqVu_hO01tdsJppb-TQEVYixXxdHbYbpRvfkjjSMi7ZJRZvdVtuSyCeweo6B661fHYpVeqxkTcO_TkN37Nbokdkf9xhgSATFN_Y1S3NAOacULED7HmvP0Zz3NXjTlo87ICDVick0eyMWCXx7riHJOiRaPfqPuogyAExLrKl2ylS6aoKkB68SiI3xZj3-uN2Bs4Zr5PXTqV-4n3DwNWWX0gQjFx5BB6CW5ZeheeZy5U4M28_a_7LX2QA&sai=AMfl-YQPQuRQqZ2guX4rvblq2lIJ4WiVUvcBEHZuhgm--Usu49QpsguZd_xKh0Ee5o76ccJXeW03oMFFV495tWGrwN_S4zsuoux1qXKTQIhE3bLlqHJJLlfSCmtGG3RsPkZ3JNPwN8VFajguXwo0KMKrNkx_lr7xb1BkY5VrmxD7_pelYou8ikxOqtxng31-Rd5wgNCAKttftMtrHi_gxciV3zWDj9Ps-BCDm1oxKeXuGQ8yZswence5eqmXzoGWSfEIFNt7vukkyo_Vo0aA5ssqpwHsPC4jIjo3&sig=Cg0ArKJSzHAUhKT4QxbPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=183&cisv=r20230620.35813&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame BCA0
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdp...

42 B
964 B

52ms
51ms

Image
image/gif

52.213.231.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdpr_consent=

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

52.213.231.241 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-231-241.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v049-034e73c5f.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 47abV+zMRU8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v049-087e2a1a8.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9rK9slm4TOo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=192730903&d_placement=366669609&d_campaign=29832151&d_bust=1998675658&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame BCA0 60 B
60 B 152ms
35ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1012364583&extPm=488902747&extCr=20143734131&gdpr=&gdpr_consent=&rnd=1998675658

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 Grenzach-Wyhlen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 19:44:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 21 Jun 2023 07:44:20 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 923
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame DE1E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1&__user_check__=1&sync_id=045401e1-106c-11ee-a1a3-11a3cbba0406

43 B
547 B

34ms
34ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1&__user_check__=1&sync_id=045401e1-106c-11ee-a1a3-11a3cbba0406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWWWU28HPLTb_LeVQOP73_hyb62TwvRahDtTRD97NyxNmUYGkJZ70f1HCK518h4IVHglronebeD8I9nsA5yQuE6ADY0DEYmldTgrJr5xlMa6XO4m-ceGCXHF0K89XhXwp1FPuVoWq5AVs0ZDnmdKOwDTqCVf3sJb8xvZmR7cS0v4iWFry6c8Ox3L79Miybs9gGd2NIi
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 19:44:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 2
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 21 Jun 2023 19:44:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7025&uid=CAESEM7CnMzGL0ZUAN0IjQyVBKs&google_cver=1&__user_check__=1&sync_id=045401e1-106c-11ee-a1a3-11a3cbba0406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE1E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDQ0YWFmOTUtMTA2Yy0xMWVlLThjMjAtMTQzZDU2YTEwNTA2

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDQ0YWFmOTUtMTA2Yy0xMWVlLThjMjAtMTQzZDU2YTEwNTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYz43OxQEwAQ&v=APEucNWWWU28HPLTb_LeVQOP73_hyb62TwvRahDtTRD97NyxNmUYGkJZ70f1HCK518h4IVHglronebeD8I9nsA5yQuE6ADY0DEYmldTgrJr5xlMa6XO4m-ceGCXHF0K89XhXwp1FPuVoWq5AVs0ZDnmdKOwDTqCVf3sJb8xvZmR7cS0v4iWFry6c8Ox3L79Miybs9gGd2NIi

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 21 Jun 2023 19:44:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDQ0YWFmOTUtMTA2Yy0xMWVlLThjMjAtMTQzZDU2YTEwNTA2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 86
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DE1E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12TEJxU3BaRTJ1R1dxeU9YNDI2Tno4UmIyWlBaM25qQn5B

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12TEJxU3BaRTJ1R1dxeU9YNDI2Tno4UmIyWlBaM25qQn5B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS12TEJxU3BaRTJ1R1dxeU9YNDI2Tno4UmIyWlBaM25qQn5B
date: Wed, 21 Jun 2023 19:44:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame FBB9 28 KB
29 KB 50ms
49ms Image
image/png 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date: Sun, 18 Jun 2023 15:02:29 GMT
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 276113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 28949
last-modified: Fri, 18 Feb 2022 23:29:18 GMT
server: AmazonS3
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: ByRCYICpn7tcExblME8SRbJ6serfl9CPI97bt2-jD4j6HV3b2bSY1w==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DF48
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

122ms
121ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:20 GMT
expires: Wed, 21 Jun 2023 19:44:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 19:44:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C7E 42 B
174 B 114ms
113ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEng7s4TyrH76QGhZFz45qyaHAUMAipuRNUMQOzbLCKTrGm_1UPsua7IyaH0q9d_HYSphC3gluFZNdQBqxUqtSlNeRpgh-n6FJejnr-NWPWP4jrHNtXfruWBXAMpmaSb66_v0vIUhf-vip&sai=AMfl-YQ_dNT0-Ugzn3h34t0xugyK84_zL48oI2eaXbxTPKY1RrQlZjynNqqesjEJXnyTal-PAFG5z6XJio0FW5lRHNtXi1iocn8nALVQ_OdeMiOy3z1aZ-2o54IxNce-L6O7FPTE-_ld8gq0bXW5vA&sig=Cg0ArKJSzKbOve4nzl1rEAE&cid=CAQSTABygQiDjq5tIbhl_EduQxS7MDH93NDuEp6mC6_9woatJ00X6LzRcsY7_ZtIdoWg3XS8VUNDXlcKRALH_t-4TaSSyT93WajBA837docYAQ&id=lidar2&mcvt=1037&p=155,315,405,1285&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2619639180&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376659066&rpt=719&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 129A 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4567249247477&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 129A 0
20 B 93ms
93ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4567249247477&version=m202301230201&ct=76&x=1&cor=17938660863957225000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 129A 101 KB
39 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFo5nI3xHvhdR4HcNRKVkqiHs81nj1KrDD2TysOLlS428baKfcrAvk9pghFd0cUJ82MZWank-trnuwqz1Lt0ArrJUyCv-DxeZAlaB4gfPs8j3HrD0Q_rpMg5U8b5Vzz9TJ-OqnIfdhuR8GPII4WOzgxs6driPdQ9d_2_QwWKqMzwXIjHo&dbm_d=AKAmf-Dxc2sW25_mHA7N8bN-M-V-Wz43IBhycX2D3MhPZLdeSicXYAmT0DaoTR_ZUiP1facmOq22a8qX2n_TiNCT4FfxykBzy1Ab-L_GNgucbvV0Ix5PwLXEbWgI9HQsYBhdr-XVpXIfX7aKmKWukjo47dMOyVFlK1jyIFDhu2epUJN8s88bWDXXFtBXOPq-UkVVzcxREADL2isjXbFv8JbvWsosiTVFDs_19dTsJKvX4C7mOyVZMhtVcI7UBG9HRSoIRow16TKrTz6Tzf7baleZvBskYJ5f81xNGAuQvvKcicSx_Cv2eZBjcNu3cjk1FZiTMYl0Wd0-EhJPO-i9eF8YYZz5YW_lNydwYN51KuQrEBEAtG8HtFEPJOFkywN5UdpZhoyku-iTueEu3dU0GEQ7ePmBsfNXfieMckW0QFPme2MySU1gOaFmMWyIoPiMgWfJrreiM6lgbgrW1B3EMdzzo6u54TTOpjGpdsTu4UoUyw3yT8EVRHIZI9uPsKrBiMX2zHRm48sTF9xL0ZKfcUmfgSNBj_rPrN3CmDnXekTRP4VeBgH3ICqzXiiIw3hqBl_Ykao9QP5pngL3mu6eYphHbRfLNEk8faSvMA28MKRKBgiJX-8gX901P73KaT_CbzWYUuk_DNbxyj0YV3rFtOuO8wnmC872Y-HnsgXYhK-dAzFIK1nfou2SXQROyqhHvQj-Zj1WaHhZIoMUvgTlYRpO-PvMsBPpFPDbt_9P3ga7OAaubaDC9lrcHYaztja94SYdzszDeyhoG-BGOpoQj1Ckh_mL_MlAhlBULxfgMM2va1FeKEV9u8ADmuhBnZ3R_wzKnwG_2TP4IN8YttLpo7LnIkWrpYo-98B6LFrIiuXDfyvVSl1c5Iph_bc0LCjCmglibTnEiKdU2dnF99PiRUbQoHu7gMYuKjYCoXswVVAZ2R6x1gLbZBhAvYqttMfOWQmeHVBCMKWpZxoWVUTm3J6CaqvwN-ZP_xpZ_cYb-mdoUJYZpyJrX5j_6HjR71qco0fBO6dchrqHWXOG14qxqaMW_CAP23_ACoOefyZH1ntMkyuAun7oPfIo786daW4jVmlEUKd7Szgm4pZFkLNjm0Oeg_GBuqgOm9JJiInVxWUSR2Zq916SqmdcEW7HqYKdxCiITLW1xVT3bMdnGe7LfTcqGaOWghdh0tiV8jKCrNp4FQkkjDUd0pge6WjN5ufuM0R07gbr0QFNu6KHxi8XM78OduOzdLBUKMzpgSF-d2uidBvHx6csKDxgP2bNGdGbWyCwYjmax3L3roqlIZMVDiQejBBpYdkK3W_hZdmNaPhaULwGZB0Ic4qJEdPWy14BURN9ckqGqIIFnbB5QDMkyYrVrsO2IgdHocCgYZgUM-y7j72x4mlu9XAXspUKSiJEgOx9UC20kq2hzUIEQXu1zacTLtBtNZe7aJ9VJc5rrEwsDXATPzVMJ-YrmIJ-ml2yHwvRxjQjpJpyQX8xtjdXVQXgeiQg3YOnjSSzp1V9LCIGjZorDhVhKFYW2b0uCy6k2Lk4s1IrOy2wB8k7P3xc7Pccmq8OVIh9aT8TntCpXIkrAkYkEtETnzvuoCaqwBwUumkyYOanwtUXrO4rxd2WFoIwVhK7QUv-5qAaUuL9OXiDHol1Lr0f-8i5fB5FLjCri6R3r0MySe90X_3VsKOlgqafqolJpQxwYl87Sr0XGaKPuWgLfJ3x8T1DcBGLkiTkZZd-l0RM7_lcNArJz1_smsK2DNulFJMfhXG_G3aSnYqCNAfOfl-pXhkEsxU1pOY00S8YsaFWyVZwyJvM4fyCYsPia710HkEU0-6dTWNOu5-bpG-5DSvN7nKajvRH6uHPEyDVGh7x0U426ubMvwHpd_0b_i6Ul2EtWMvsodrVpH7CIdGmNfqkV0-8flM5OntVsTI04JxoFofbP-Ufjr_srZQfExd8__R782yqUKXgqls8DzxwFtbT2gHeci-AMjHe-1sMSPYMzshO8H9NETgdIIbeEhHCkAopwmnK84uCI5RJRalRKBjL4AlJT3i4bv0tzqhyMwJlaVCjldZIslr58N3Y9gmdvzuvc6yowYiRRwc-6X77lSpSPcLJZj3O6L5K3Cp9bfPqxy4Bmq-Pt-zkBBOK_BCXhOBUEzzsLGeF54pUWJ98fR9U1g7nriFnPg3madElo6d9TD0NrNLi6sKlHNb-TJaAnJOmRElhLaqfyD7snxCPwUnaEdXRpxqgDu5W_SycGlpkCEdIn_LjEopPPf43tyy26jklY1xB-ZYcFp5u3mmK5aqtkcpNv3wK-cuupv1-hlFUnH7RCvhiMgEo8QmrrC4km8auuzGComb_BcVFr5aGglDTCAYXh3s7QTDuj_I15P4AgLlIwm-Ze-Jg9qyhbZbdSuhIaMx1kdgCxbNM2y26B6Vaa625mnADxvQ3VnkftZk9McQ_TDishkX1slWtnduf-NapWwt4lNDc1-hAUYdlFzz6WMgj40kz2t_pnmwkrsUn9iHGLESaast-ecdRUbOq3JqDQ2vnoutKjWQ8H-2DdC6IHC7mUkmU-bX5aojd4w7IL_NSRIsnPN9Do6oa5GWhMgDtrBu_upEGI_tq9mw5njKAYWowGbrTb00aDxe099uQMQnUgQffINdNZ-wg-J3a3QrpXoLLIFSiJLeThwedX0a3NF6HQDFvF08U-rf72XYpHecDhxnkmFRB0b8DM0zNd97qVhG8PCoMHzHA-Olrk7XdOkrQNuhSqdhKe9ZcbfacaZSIhoUDgNyLutk6o-MH-n4TtPeYUCqgkognxU7OTrz-Y6usrf451dOCj-XInygmAg2ls-5n-6VE-UdqvGQsvMEgJTNISQXz3F_TPwZ3A6Y2AHSx1_mkBiHYyu5eefe37jLeBZ-TPruGqMdMebVP6rNuysjR0yyee5lRPKve_zz1E_Kykz5bPnRKynWUCjc2sweECptA1thVGE1Hjvu-AEBRIuJVjpIQqN5Jz8W8EOUnvGnpMsH85xXsX_GSmhCbmWQTTmRQFx5t4xF7z-zsKsz3fwnbkvhLbG48ITG5T_kH2Qb9jlYk7TvGvvnjcs2vqkV-YsK8mwbvQaLzPn5S7LodcskeWO84kwDe3rHlDpWQipKsY8KR2TQlqYR2AHXI3c50bDa-Sdb_fe11aAiMxCZPkVDpzUtGo0Al-Ub3dln2nKGnQmmcAB8BDR2j_OzxS2PcE_5wWzOyBUPu9IeHwlZ4r9f-zWmGQ6JmCMCHKi3xRYnXtitVxptOD8nF2DTTEa1CReB05I5PSgQ2hJl_RYbvNxkZohrWujB22aXfyeYR7OH5hY-yjfKBrsrv8c2xVStDVXU5XHQszzG4SOrD1X2LcjJCzRvY-e9-KooGzegiM51AE7pbe0JGElNMhq7_Is-dJzG44SV3qcdUm3PPSyh6b_I-Wf_iqg_wprtNleSoDX6165Mzte4fHl2P6KWPtJvgNra_feY2ABU2iZ6CPuKCS-dG7n7NPMgfXKV1SHUNGG5im5GPkLo97XrStK1jiRe_nSzHOhZ9_NESV9wJS8xegSVoRdnF7P7E_wGzUvdXXLzd7s0AA4bcw3tePhjOYyAHUPMXPG8rE-X63WFZAa8IKhmGXccvQo2cEYWDOMHb1CdPhJ8mKieL850dRu3DPbiq5tBPFZ7hkxTyxFx1QIvSaqekba0-P4_Yrf8uybeMvNCsl_vQ3ftEyWlE2rMJE_YcDudwXyS8_OuJt7PgZyzWZ6Z9N4m0KipfZ_FSxxmI2qkHmR32vrkSQj3cHzVD0DTo9k-kJp2DNm5bUGgrpStcF5D-PjbW1RjDfWyi4b1_tdlvQh26RGC6PpaWUFOG2Hme&cid=CAQSPABygQiDPXjIHJOue6x1kzc_KeUX2sKtv3aFIqoYzmYpOKFjKBN9vsPQCgNaw9buvbVuFJqOo3sWfJRPlRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=17938660863957225000&adk=2086295851&idt=185&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9eff4ad2995ee45f57645ea95d199c857ca5f9661a101b94a35f9ea7f2d55e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 66FF 22 KB
8 KB 60ms
57ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame 39CD 16 KB
17 KB 46ms
45ms Image
image/png 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date: Sat, 17 Jun 2023 21:46:35 GMT
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 338270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16777
last-modified: Fri, 18 Feb 2022 23:28:48 GMT
server: AmazonS3
etag: "eef84d4a7321b73260b41707db98756f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: oMSUmEgDXau9spXsVpLvUQXDuyxaX5HipIOF7mrlCPCNsIcw_z-87w==

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 68FA 37 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E138 236 KB
63 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Jun 2023 19:44:20 GMT

GET
DATA 200
OK truncated
/ Frame 39CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 906cd3e196021347abd7bdd1b618fe4646399894b0cf13112da59dbd6957a81e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 109ms
108ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306140101&jk=590735192495329&bg=!VlWlVQHNAAaGYqkwpmI7ADkAdvg8WgrLUn2VGKcGAMWHmz_lHVqVH_HkLNXve7kuty1punCUZ4tO52ODf9d7wGcegDe_vz1t7ekCAAACv1IAAAADaAEHmQLnQUSZM7nhNl2Ee8bbovhE6R0FYI-2I-JnMqeTM6AKSgJvmjP-k_vPLK7hmd2V3GSaZURP4okOHpeI4zkhMPD3jil90NEU3HJ3ZMpMUQMlWUqyBwwbkYDzWtXzLyCDqTUcq1letORBZqNRCSk0QeRWrGf0ExZVd0AkDTvrEh7jmm0SNLfb_XYJovF9MQ3jWBaLbRcsgXg2bsqTe0VP6byeffcqoN7QBYOwKD3ch9tyBQWXn1gz2uBTvtDLZoNq8TByubhkH36n8ojHxIi6sNHdhoVgfpr9PiGZmauEMUEzqizWo45zzJmLUIVgoMK1sL-_0fFmB9LnOmQheg6YZV9xqPKeyfvfbSBNLmGHVVJ9Pugg2s9LHb8Vj2iTOBkN-VNBV01S5dNBcKH-plBDRpzIDmdiw8RGHwyhCdk-sv8XBxT_YBrFmv4F3ulGpC9XsLJZvZbEhWBzv__ctamgR5CRTh0XtsEKPOENhvX1DtPsgiHxpBv27qTqIPJZXy25RE8sk4Zvu6oqZinvu7SEC0jAjQ5N59t6cFNlo1CKcZzCllTFjEfh0G9fMGaxHYloqNAaKWICrEcB_91ssUTsTTsY2gxjDwqnJzwyn9YCM7Ff9QDqUxFRW1HTl4BuutmItVRwzmb2ih7tdQlyfusod2nHZOsNI4wQ_jpVuHbJ-_RHNWI20RDZJxVkKv7R7xzik7450Y1uwYmCixw1JFA39b95PEXolXE6Sy4yceiobmohZ6VFd-Uzffp8tyKWupgZugOeIGbHXtmECenKOtT9bS2T856eP5kMLOpFRXb83eAcfLboT6BNIdCtTwVb7SSkFgAJefOeb2CtBcyqimoXPvvR57w-7qOS5z_CJc0JYd-21nd7JXNK3lGyys6FUQ65XVtAjxGON19cS_HMYVOKaROEjJelUVAh12GV4N-Jery2h1QHLFZDL9mqhuhBCoybrWZilKnE65zSzUYoWX86NBMD6ogJen0OI0U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C7E 0
0 96ms
96ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssH8oe7x6Oa_SHhCNyZFVSzb0TA1GD6ICO4dpolRgaZP_Zx_xAiLUxhlqbEouBLv-4kIJ-t3ZKeCdlsI0GxqgZKG_Lrp3fYHy1WrCH8RmwPw2nJ4LXb5YlesC9icfDGuWoRummmmWSUfbuwDPQC5Zyhjr4R1SWO6s0afDjBS5GTDWno79QIzZHW6cuE20IJWJ4pHrXB_ATRiT5DQhMQoNk2gAa7U95SZ7n58UXU_8V-RjwrHRVYOqvATqMlyiJK3-O9SbbbjTBUMNIy10kEHbq9HzPugXMJxeu3zWxnUPm5I5QtUSjg675NYhMP9uTheCjfuLzyx2XjNKcNZf7_EcHbBbr4myP1EB992l02MUJ3J_XeCry7Lpj7dD8EkJgfRWo5j_PJBCbaRhI88GRxB5xgaj1gMVzVyJkIVvQr8FPbA3J3iv8LKYI5OB0FWGrn-jXesHkVIkglX-aTElXBSbLhtfLJozVFWnZjAAx07TC5wl_sj2qyUxE0FUoLJ6qInB4QGtgxth5_f_SM7akzd7O5HJyvXcRDorDYDYkmHdRuEXyMtXdTuIG80dFB7fi_Qevm8xomik0XsPfJOapUZAE2CWn7IUnUkU_Ko0HRGUGzBLqF3ocgvRDG_jxEkasayswXmj2cBFs-JcCZTSTVXNWdT2bdbcJqVBXb0mDC4fwIFNr7bx8k554Pxfm47t8d48dEiqw4HFW1---JWcOZ0o5lkS6DiXq7h5yHZ3NzBCLxsDu1_eeQ_TrlWjdDtqRpUtORqqAWg6fi0Ind4BfZiVJwoSmqOlJuUdwReYFI3-ZNSoMkKzdISDZmnf6P5LLrfZq3wFQERlyIsQf5mxRxGZGmYkIuQcashDOmsoQB7fwx97aAIln_8utRrUEHdYqgcCdy4YUrdVytTZnSMNC_OwNrWboJ2mGVqFOssUt-pMEdZYZpCLvZc771oeLHrr4GVsczmgSx7iXsWMQFdAkjJL1hZga-cGpMfJm2gnVWwRLh6E1EkXlMK0fKqXAYicAqmE2jVXt6k-sqnFz8uccE4seuo9dEF664ueOA0it355x0NUzR64CVkMxyErJd15SY9iP3Le4ePjCUGKVHVbczC5c7PznKLLExWOTB5IXWyOw7-bef5EoryMxVSo3dGYjbpK5Bz9tRXuKdoaWsYPDtxPW3SXkgTh2fe0ZY8C_BvSIRO2DU5fpv0zUHtJvEzidGdlP8Rh4Zb0hqA11Q3bd3nG4c27ZJjApkOd8s-dYiIde45LyuZrP31uDiml-QdbmJ649VQa-CfjFg_eSjSFuTEmY9AN8kfA9CmuciY_nsIEnMSjy_johP45daDlvSQZUgVhnJmGbWQJ1T&sai=AMfl-YSiWtNOdL3nnqufUo3h-sG_3hWDW7euEFRoDvH2YfaHtXEm9qqVhmoXbUqJDz81sYIjBRPnw49tMmHxZuNWHU299xe6ORzj1tX1jmnM-OyX9IK3KwjN3q6vNT3TtZHSWCdSQWvkYKRg3m__Zi-IQr6E_RFJGGxf6fnAzw_31-bNqUItLjPVm-xTcPUJRiwVlUSG3G-WGWOVtWaDe2xojG7xk56s0j2I8CoJYvMmlw9y4yiKiRUHx6X6H6i4kmqNCvMIC2RmDQDH4PBddc2RgvQ0KAbapouULYCt&sig=Cg0ArKJSzBVRdxJNYqmAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1358&vt=11&dtpt=1047&dett=4&cstd=307&cisv=r20230620.51848&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:21 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634097/ Frame 129A 245 KB
73 KB 49ms
48ms Script
application/javascript 52.17.92.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634097/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gFtRs-I6CQhWyFTH-MLxhT
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.92.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-92-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 24de6e7c25795d004fd01b1b2b3345ae1c7514858fe2a2e99de90324e3f42898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 129A 111 KB
39 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Origin: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 129A 11 KB
4 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFo5nI3xHvhdR4HcNRKVkqiHs81nj1KrDD2TysOLlS428baKfcrAvk9pghFd0cUJ82MZWank-trnuwqz1Lt0ArrJUyCv-DxeZAlaB4gfPs8j3HrD0Q_rpMg5U8b5Vzz9TJ-OqnIfdhuR8GPII4WOzgxs6driPdQ9d_2_QwWKqMzwXIjHo&dbm_d=AKAmf-Dxc2sW25_mHA7N8bN-M-V-Wz43IBhycX2D3MhPZLdeSicXYAmT0DaoTR_ZUiP1facmOq22a8qX2n_TiNCT4FfxykBzy1Ab-L_GNgucbvV0Ix5PwLXEbWgI9HQsYBhdr-XVpXIfX7aKmKWukjo47dMOyVFlK1jyIFDhu2epUJN8s88bWDXXFtBXOPq-UkVVzcxREADL2isjXbFv8JbvWsosiTVFDs_19dTsJKvX4C7mOyVZMhtVcI7UBG9HRSoIRow16TKrTz6Tzf7baleZvBskYJ5f81xNGAuQvvKcicSx_Cv2eZBjcNu3cjk1FZiTMYl0Wd0-EhJPO-i9eF8YYZz5YW_lNydwYN51KuQrEBEAtG8HtFEPJOFkywN5UdpZhoyku-iTueEu3dU0GEQ7ePmBsfNXfieMckW0QFPme2MySU1gOaFmMWyIoPiMgWfJrreiM6lgbgrW1B3EMdzzo6u54TTOpjGpdsTu4UoUyw3yT8EVRHIZI9uPsKrBiMX2zHRm48sTF9xL0ZKfcUmfgSNBj_rPrN3CmDnXekTRP4VeBgH3ICqzXiiIw3hqBl_Ykao9QP5pngL3mu6eYphHbRfLNEk8faSvMA28MKRKBgiJX-8gX901P73KaT_CbzWYUuk_DNbxyj0YV3rFtOuO8wnmC872Y-HnsgXYhK-dAzFIK1nfou2SXQROyqhHvQj-Zj1WaHhZIoMUvgTlYRpO-PvMsBPpFPDbt_9P3ga7OAaubaDC9lrcHYaztja94SYdzszDeyhoG-BGOpoQj1Ckh_mL_MlAhlBULxfgMM2va1FeKEV9u8ADmuhBnZ3R_wzKnwG_2TP4IN8YttLpo7LnIkWrpYo-98B6LFrIiuXDfyvVSl1c5Iph_bc0LCjCmglibTnEiKdU2dnF99PiRUbQoHu7gMYuKjYCoXswVVAZ2R6x1gLbZBhAvYqttMfOWQmeHVBCMKWpZxoWVUTm3J6CaqvwN-ZP_xpZ_cYb-mdoUJYZpyJrX5j_6HjR71qco0fBO6dchrqHWXOG14qxqaMW_CAP23_ACoOefyZH1ntMkyuAun7oPfIo786daW4jVmlEUKd7Szgm4pZFkLNjm0Oeg_GBuqgOm9JJiInVxWUSR2Zq916SqmdcEW7HqYKdxCiITLW1xVT3bMdnGe7LfTcqGaOWghdh0tiV8jKCrNp4FQkkjDUd0pge6WjN5ufuM0R07gbr0QFNu6KHxi8XM78OduOzdLBUKMzpgSF-d2uidBvHx6csKDxgP2bNGdGbWyCwYjmax3L3roqlIZMVDiQejBBpYdkK3W_hZdmNaPhaULwGZB0Ic4qJEdPWy14BURN9ckqGqIIFnbB5QDMkyYrVrsO2IgdHocCgYZgUM-y7j72x4mlu9XAXspUKSiJEgOx9UC20kq2hzUIEQXu1zacTLtBtNZe7aJ9VJc5rrEwsDXATPzVMJ-YrmIJ-ml2yHwvRxjQjpJpyQX8xtjdXVQXgeiQg3YOnjSSzp1V9LCIGjZorDhVhKFYW2b0uCy6k2Lk4s1IrOy2wB8k7P3xc7Pccmq8OVIh9aT8TntCpXIkrAkYkEtETnzvuoCaqwBwUumkyYOanwtUXrO4rxd2WFoIwVhK7QUv-5qAaUuL9OXiDHol1Lr0f-8i5fB5FLjCri6R3r0MySe90X_3VsKOlgqafqolJpQxwYl87Sr0XGaKPuWgLfJ3x8T1DcBGLkiTkZZd-l0RM7_lcNArJz1_smsK2DNulFJMfhXG_G3aSnYqCNAfOfl-pXhkEsxU1pOY00S8YsaFWyVZwyJvM4fyCYsPia710HkEU0-6dTWNOu5-bpG-5DSvN7nKajvRH6uHPEyDVGh7x0U426ubMvwHpd_0b_i6Ul2EtWMvsodrVpH7CIdGmNfqkV0-8flM5OntVsTI04JxoFofbP-Ufjr_srZQfExd8__R782yqUKXgqls8DzxwFtbT2gHeci-AMjHe-1sMSPYMzshO8H9NETgdIIbeEhHCkAopwmnK84uCI5RJRalRKBjL4AlJT3i4bv0tzqhyMwJlaVCjldZIslr58N3Y9gmdvzuvc6yowYiRRwc-6X77lSpSPcLJZj3O6L5K3Cp9bfPqxy4Bmq-Pt-zkBBOK_BCXhOBUEzzsLGeF54pUWJ98fR9U1g7nriFnPg3madElo6d9TD0NrNLi6sKlHNb-TJaAnJOmRElhLaqfyD7snxCPwUnaEdXRpxqgDu5W_SycGlpkCEdIn_LjEopPPf43tyy26jklY1xB-ZYcFp5u3mmK5aqtkcpNv3wK-cuupv1-hlFUnH7RCvhiMgEo8QmrrC4km8auuzGComb_BcVFr5aGglDTCAYXh3s7QTDuj_I15P4AgLlIwm-Ze-Jg9qyhbZbdSuhIaMx1kdgCxbNM2y26B6Vaa625mnADxvQ3VnkftZk9McQ_TDishkX1slWtnduf-NapWwt4lNDc1-hAUYdlFzz6WMgj40kz2t_pnmwkrsUn9iHGLESaast-ecdRUbOq3JqDQ2vnoutKjWQ8H-2DdC6IHC7mUkmU-bX5aojd4w7IL_NSRIsnPN9Do6oa5GWhMgDtrBu_upEGI_tq9mw5njKAYWowGbrTb00aDxe099uQMQnUgQffINdNZ-wg-J3a3QrpXoLLIFSiJLeThwedX0a3NF6HQDFvF08U-rf72XYpHecDhxnkmFRB0b8DM0zNd97qVhG8PCoMHzHA-Olrk7XdOkrQNuhSqdhKe9ZcbfacaZSIhoUDgNyLutk6o-MH-n4TtPeYUCqgkognxU7OTrz-Y6usrf451dOCj-XInygmAg2ls-5n-6VE-UdqvGQsvMEgJTNISQXz3F_TPwZ3A6Y2AHSx1_mkBiHYyu5eefe37jLeBZ-TPruGqMdMebVP6rNuysjR0yyee5lRPKve_zz1E_Kykz5bPnRKynWUCjc2sweECptA1thVGE1Hjvu-AEBRIuJVjpIQqN5Jz8W8EOUnvGnpMsH85xXsX_GSmhCbmWQTTmRQFx5t4xF7z-zsKsz3fwnbkvhLbG48ITG5T_kH2Qb9jlYk7TvGvvnjcs2vqkV-YsK8mwbvQaLzPn5S7LodcskeWO84kwDe3rHlDpWQipKsY8KR2TQlqYR2AHXI3c50bDa-Sdb_fe11aAiMxCZPkVDpzUtGo0Al-Ub3dln2nKGnQmmcAB8BDR2j_OzxS2PcE_5wWzOyBUPu9IeHwlZ4r9f-zWmGQ6JmCMCHKi3xRYnXtitVxptOD8nF2DTTEa1CReB05I5PSgQ2hJl_RYbvNxkZohrWujB22aXfyeYR7OH5hY-yjfKBrsrv8c2xVStDVXU5XHQszzG4SOrD1X2LcjJCzRvY-e9-KooGzegiM51AE7pbe0JGElNMhq7_Is-dJzG44SV3qcdUm3PPSyh6b_I-Wf_iqg_wprtNleSoDX6165Mzte4fHl2P6KWPtJvgNra_feY2ABU2iZ6CPuKCS-dG7n7NPMgfXKV1SHUNGG5im5GPkLo97XrStK1jiRe_nSzHOhZ9_NESV9wJS8xegSVoRdnF7P7E_wGzUvdXXLzd7s0AA4bcw3tePhjOYyAHUPMXPG8rE-X63WFZAa8IKhmGXccvQo2cEYWDOMHb1CdPhJ8mKieL850dRu3DPbiq5tBPFZ7hkxTyxFx1QIvSaqekba0-P4_Yrf8uybeMvNCsl_vQ3ftEyWlE2rMJE_YcDudwXyS8_OuJt7PgZyzWZ6Z9N4m0KipfZ_FSxxmI2qkHmR32vrkSQj3cHzVD0DTo9k-kJp2DNm5bUGgrpStcF5D-PjbW1RjDfWyi4b1_tdlvQh26RGC6PpaWUFOG2Hme&cid=CAQSPABygQiDPXjIHJOue6x1kzc_KeUX2sKtv3aFIqoYzmYpOKFjKBN9vsPQCgNaw9buvbVuFJqOo3sWfJRPlRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ensonhaber.com%2F&ds=l&xdt=1&iif=1&cor=17938660863957225000&adk=2086295851&idt=185&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 129A 30 KB
11 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 129A 41 KB
15 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 13:52:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C7E 43 B
215 B 132ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=9957c9e5-171b-6ed7-b70b-f811616929c7&tv=%7Bc:gcG2Aa,pingTime:-10,time:1017,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687376661049%7C%7Cb29ca3e37c3be13de036fc72dc391151%7C%7C8623b242deb4313525321dba17b62725%7C%7C149ebde78b2e156272c067ea70412222%7C%7Ce9ebdbdd5567889f130fe2932dab1b0d%7C%7C1577f94557617d1322c622499f4ff073%7C%7C75f2fa8aa56b4980f085569d06630783%7C%7C3ba54b71cdd019b21ab66e9d3d28e220%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8A02 1 KB
643 B 61ms
60ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Jun 2023 13:53:04 GMT
etag: 48472445140208031
expires: Thu, 22 Jun 2023 13:53:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 129A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d048cc09d273d7e4780aac3932582a69db2ae9d2c33ca2595dff3d28544677b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 66FF 37 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 613B 37 KB
14 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 14:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 192546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 14:15:15 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BCA0 0
0 97ms
96ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVKsHC6wmuSnTA33rBROI_vzTf71DrYcPiS9wJLTcvXikvcdDlrTxhqBvMqZ-9tm66obrjqC1pUV2nFCmgJLUEYbhLLSlZ2I2_KSJKAQOrkCNpGkS0Sw2u6qjjUGmsmVe-OtJIPMtuUODnR-Nu5Odcl68GdAwx0Utpm0aeTZ6nZFnYzA_JxNS4GLb5lNGw76zZ1eAX5BAaX0B3Y2QKWeby_Cmxhh6mVNJ-TzhzV_pijCp3sXkWpkvbcyTZwAQVLpVfDkVNUZU2xPheh9-LwcqH4IlYeFKTIJoQqeortXHLb3nxIBBoACpZrvVNVSPX-is4dJ6VVOJ63AuG_N1vjdvgWrHW455T-Mh9fTiw_idOmdB5tCWe9aDd1F-otJ2xmrFREYZ-BOY1MGou7NrRV90SrWO9a7XOYPiWpoSQM-SXwzShddFx6iJ804JldU4awCkitXCyw4qAAdR_6UVXXlCFqf8cZxzGrv_n5VFaX9n1HyvJ8wh2p4zfWTla9GEXkodFjMAN3GoHa0hzf1aPX5nOWFjNyPsBEDGO67Yc5UX1vVoPTFmYeTS42evbjm4IcCFhj7t_zjoaR21wdrfFOB7_CvXp-euQcKaPK3koyuJQQ0FHARYB13pJE8Q02-rhEyE5UmNlUHmpt0XA2fFg71TfBX8Y_EINEntLvK541VZJM8dZrrBuytxiO5QAIYVKiISmc_Jr2B3rvCbeax_yxxLNz8FSWCsYzPwGQdVjcqTu4m6A3wPlHYMUlTCYlN75L0-qyC0GquybU9idLGac-OfY9YjUlzpnWUz6IyE_4uawGF9C_Tt-djUXnVK4jzuSmJhXyRYr6cP63j7tpilvSOkZ1ijIsW4wC4k3cZMGLqdiDftFPQUDydkFDyJcpZEu80d8UJ6BJITNBvVc531d_AA6CVnQkSuK12_nnxQraCaG0Dd96YfpYlVxUouUTwnQU_EFXGQ1lJU8-R2hZsvs-32KTwN2hxF0-DDwxGE4Uc6uK3-oKYA9hMY5XYLOzsB1l4HiMk2NvZ1hFgN-KOVpca_8eqCR8zvX3bCho7sXNjadFL6bUlOOQK4WTC2JPW_Un4KQsYuJPVj96dfy5XA9YfeJNFfAGrVo-UbJUAhiWqVu_hO01tdsJppb-TQEVYixXxdHbYbpRvfkjjSMi7ZJRZvdVtuSyCeweo6B661fHYpVeqxkTcO_TkN37Nbokdkf9xhgSATFN_Y1S3NAOacULED7HmvP0Zz3NXjTlo87ICDVick0eyMWCXx7riHJOiRaPfqPuogyAExLrKl2ylS6aoKkB68SiI3xZj3-uN2Bs4Zr5PXTqV-4n3DwNWWX0gQjFx5BB6CW5ZeheeZy5U4M28_a_7LX2QA&sai=AMfl-YQPQuRQqZ2guX4rvblq2lIJ4WiVUvcBEHZuhgm--Usu49QpsguZd_xKh0Ee5o76ccJXeW03oMFFV495tWGrwN_S4zsuoux1qXKTQIhE3bLlqHJJLlfSCmtGG3RsPkZ3JNPwN8VFajguXwo0KMKrNkx_lr7xb1BkY5VrmxD7_pelYou8ikxOqtxng31-Rd5wgNCAKttftMtrHi_gxciV3zWDj9Ps-BCDm1oxKeXuGQ8yZswence5eqmXzoGWSfEIFNt7vukkyo_Vo0aA5ssqpwHsPC4jIjo3&sig=Cg0ArKJSzHAUhKT4QxbPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=598&vt=11&dtpt=413&dett=3&cstd=183&cisv=r20230620.35813&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:21 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2186 22 KB
8 KB 57ms
57ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Jun 2023 13:53:07 GMT
expires: Wed, 19 Jun 2024 13:53:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11054544220910830971/ Frame 0E12 143 KB
22 KB 60ms
59ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 446793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22944
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:37:48 GMT
expires: Sat, 15 Jun 2024 15:37:48 GMT
last-modified: Thu, 24 Feb 2022 12:30:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 129A 0
0 104ms
103ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOQlvAjh_Y9-6DkshxyLYgLuAYAWa51CzWb3ALYCWUGRq93B5evAQURlPT1AX7kOyULqXNclNxBY0WkGGE93zQAu5FACgHL9vvvKl72FYtvjxrahgLxzOU56pE1Rfmm3NkKoyBHJyBuu-vaPNgIQGiOcAU3NWszfGxMmoF8GAQGr0Pm40gsrR6ollbcbhD9mDPZzX7M-vXXCzDWpQcz9FkMfHL1TK-s6lP9Mjeu2HuFQR7iedTUxmBmjR6OZG6aqDnbQOr92cbrb_tCz1VEoXR0FtzUe3BlSZBJ3sbHfASQ7z7eZ23lRuKXi1dVOgxBZOsbJ0q0avK-kNVw2vJWL_KfoVB2iAnpUPlwLwbqbijqQaN2UkuLU49KHgSZphh77OoSn-OcUmhq2a8PgDNNTb5kqtLcj8wXYKfykuzyftfcReyZLujGZWWn-DSE-nSMRfexq5rgK2vohY67vQ2QLM7vkIKufHFsTJJPcU6UJBEKtDzgTKl-RdoKTVKPrdeDKSGiMDLKDi4S3qJvWD5U0xzB8C-g7ZO7xJRjwE28PfoAa9eZeOweQ0qMnN_1Re5IvpEZQQFpIbnjWvHD75Z4Nu_AVZdG2njs_EFMXMax7hEWBdxQKtqW_WPOnGrdbXw3rZ3GkKfpKEW0bI-OxXZ4JtT39gmYdIpNNwunvFY5n1FmhO3wHIFl-xsuoAPwtGX6LdpSB80DkEy5ceabYs2HXA95d3RunX4ltY32PWhYSKwEaOr2q0zOiylPQOWBIKBc50iRnRVnk-G9845TCTvcs-qjWZxd3_nN_nYG4rbA-BE4-45mTB_0WSUa9D2kqB-Qq-mNTb3J3jw7XBiEABXA5gTwAfZr4SyvRvhu90a9wRVoTa2tCzgPTW2ECNyE9MvXqdOWad4qmy_dOjCao912KEW5pSBvgEzzua8qTRDBNVUVH3KKSoRk17VNnD9E8deJCFhdZpaoRajPqJQnYP7k8MSsK9eudtfxwPI6BZ747mWN2ki_qalq0sVA01zYi51y_4a7VirC-7QybKj0iPuA9XXQpO1V3VTGxKTMvlqmWV9DFdxhBZdSNkspQVQ8f-ePup4KSEmrhFXcX-OUuMY8VG9G2Aw0MCY9jnmnqAAYBDPCgpSY544qKHtrf_3-cKHGz0zAMV9ZlaQbKDyFaAuN5jPpTAXM3muN19BUO80-gt7ILhR6wYsaDtVxh1tB6TMBpbX9O9bLya14hZxK_108x8bxfg4aZDsU2015Z0Do-Pk0b1cCs_GGCBPsBhfCRXQGdYlDEalj_uUfo2pdIrAedmK3XcMInOoSUT6mWs3sxTIIysu_4iA7XaQTi0FvMwKfsQq5hG17lQ&sai=AMfl-YSvDehGAGGpVvA-k6FiVCian7C6vX54mcoJL26dVGD8h9Y3muJtI_AJBF7-FoU4ourE0UCWW4dXh_nA26CblldOHwIRXZjXXH-dOvFlrWHExGmnMzXBYllPrKfFNaNr8Cg_hKt4WlmxpDvDUHW27PJK9Vgij_NOdzxvtJv6ZXDBga51Cz40i_mTFZRitHxfST5KonWdd-PDbx183c27DwMVvdcaghY1rNHXJhtV6NI3zTIWa_osSsQSpRiyY3IhVWQCHUE&sig=Cg0ArKJSzIZktfb9SFvmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&cbvp=1&cstd=208&cisv=r20230620.71757&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 21 Jun 2023 19:44:21 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEECtBDbEkX3KSW6jot2sd7c&google_push=ATf1kGPmapd0dDS-JrtEzPUY49gKJAecmbpYFtQtC_wpcW8mr2KfJjNdRq...

170 B
188 B

69ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEECtBDbEkX3KSW6jot2sd7c&google_push=ATf1kGPmapd0dDS-JrtEzPUY49gKJAecmbpYFtQtC_wpcW8mr2KfJjNdRqDUB4dVQq3lBgfzyrwE1zNgqThX5T0uvp7b2CEfkRvZE0pHdrfjSeRUKoRx85Xjzy2iadU-QsnkibTuFKWeuQ_p

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230079-FRA
pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1687376661.344568,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEECtBDbEkX3KSW6jot2sd7c&google_push=ATf1kGPmapd0dDS-JrtEzPUY49gKJAecmbpYFtQtC_wpcW8mr2KfJjNdRqDUB4dVQq3lBgfzyrwE1zNgqThX5T0uvp7b2CEfkRvZE0pHdrfjSeRUKoRx85Xjzy2iadU-QsnkibTuFKWeuQ_p
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDPAVYWUw9ZXulP-J_yDXA8&google_cver=1&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllO...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDPAVYWUw9ZXulP-J_yDXA8&google_cver=1&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336723794324008&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMo...

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMofyctBzZZa9&google_hm=eR26WXXMQ3uMbd9qFcigZw==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPnDTq7bNVt7XwNdntMskxcyvQaB1Iw58VA3KGCGOXgqL1tD6-5OYnIcdx57InFqZpfq1Q_oXDiN_Sfq1e8bllOgZPpkod2-1Fl9XcN6BGsEyrZJA8MdQ9h3BfFlB-uMofyctBzZZa9&google_hm=eR26WXXMQ3uMbd9qFcigZw==
date: Wed, 21 Jun 2023 19:44:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMvbx_vgkC_pHA2qY7yKbHM&google_cver=1&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gt...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMvbx_vgkC_pHA2qY7yKbHM&google_cver=1&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_...

170 B
188 B

68ms
67ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_EiXpS-YN0_bBqxa_Q1XJdV7B18J546oSaz383Pd0

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPW4Yo_OfjTo2TNTdfovh4i98iPJMiP9VU06cwdbkCRqSbTzAdHTb--H-FMfhXHgheBFRo_-3XudV8iOORlSb7w7gtV1js_ho_EiXpS-YN0_bBqxa_Q1XJdV7B18J546oSaz383Pd0
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BfsGlnexQxWfaTwWKREGWQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

73ms
73ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BfsGlnexQxWfaTwWKREGWQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPEdOd8DOQTVR_YjPy7Q3wqKCiyFApaDhYunlj1XrKDRq-i7FL1x37Fv6sLEP-sZvUYKrjF0YXPLMWXF0k5ci9vNYa7CE7Zkmbjs5yyHQOiemXOWOnHLXRMidkLqoPk0J1W2wBrVxkb

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BfsGlnexQxWfaTwWKREGWQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGPEdOd8DOQTVR_YjPy7Q3wqKCiyFApaDhYunlj1XrKDRq-i7FL1x37Fv6sLEP-sZvUYKrjF0YXPLMWXF0k5ci9vNYa7CE7Zkmbjs5yyHQOiemXOWOnHLXRMidkLqoPk0J1W2wBrVxkb
date: Wed, 21 Jun 2023 19:44:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8A02
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEJH4OZ_xEv7zPQS95nL7nWk&google_cver=1&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGru...
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGrubutn7WVaDlcKLV5zBIphUSJbrlFPLY_b...

170 B
188 B

68ms
68ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGrubutn7WVaDlcKLV5zBIphUSJbrlFPLY_bCt0MgLw5uQfOB&google_hm=Z2QzYzViN2M1NGM1ZDNjN2U3YTU=

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=ATf1kGOhz8GiswqpD7JWKPOevX-UyXxX4U7fYUR4OwURM2CFiWjU85BDTGLenqqkoRVfVjlIb86H8PqbooQA6NiKnmq1qxWZGrubutn7WVaDlcKLV5zBIphUSJbrlFPLY_bCt0MgLw5uQfOB&google_hm=Z2QzYzViN2M1NGM1ZDNjN2U3YTU=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 8A02 0
364 B 121ms
29ms Image
text/plain 52.29.94.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESENbw_HsLkPHEbP8egsPIPBc&google_cver=1&google_push=ATf1kGOZRZgJvgNxh2CdELdtU3FmpeNI1_SynunLAn_GhKGmRHoi6WPXEkoSa1eiFzYkZKr_-N-49fX611mi1eLAa4w766XRy4gPfL7L0Tu5r5P-opAN-0TrzV6O-SxKt2kNu-X3Vi3lFTP79g
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.94.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-94-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 8A02
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESENIsKyreO5tqAp7HpQ4P7c8&google_cver=1&google_push=ATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOoO0zeHofOKebsWE3rLYdJ_z0Pe1Q8vRUOKB_YFsdGjinf7CXpjGhjDTLO...
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOo...

43 B
1 KB

104ms
30ms

Image
image/gif

162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOoO0zeHofOKebsWE3rLYdJ_z0Pe1Q8vRUOKB_YFsdGjinf7CXpjGhjDTLOzBg-x0UiEt96dkzl_NgL5cw9ikMgkNCM_4PkwwFrZA

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 21 Jun 2023 19:44:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 21 Jun 2023 19:44:21 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGMhYBWfg7zo0zbSGRS7Xg299I4lHN3-MxPxOVSBTxOoO0zeHofOKebsWE3rLYdJ_z0Pe1Q8vRUOKB_YFsdGjinf7CXpjGhjDTLOzBg-x0UiEt96dkzl_NgL5cw9ikMgkNCM_4PkwwFrZA
x-download-options: noopen
vary: Accept
content-length: 317
x-xss-protection: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8A02 0
12 B 66ms
65ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsmNY29ah1L0nkOK2qrRN1MlEjP8amcR5Y2FSzOEnuSnZWW9BoW2aoCjaQpFgmcvT6WdZYjWI

Requested by

Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 129A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634097/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=19429846202&bidurl=https://www.ensonhaber.co...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

39ms
39ms

Script
application/javascript

2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 17:21:31 GMT
x-amz-version-id: 6WocTuTK89qveTBkoZ2Yz1Xyh4dBYRY0
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 94971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 20 Jun 2023 17:21:29 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: N8mFJ8JohGKwpyftbmwjYhbMVJw1wqAHLOAPi1cA7OyzzVR5TRdwJw==

Redirect headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CCA7 91 KB
23 KB 44ms
43ms Script
application/javascript 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 23602085
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iBbdlQBVgdYnMgMZ1YTZRXC0l685EqAL3pTsPqxXO5axYnzIQilR8Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 129A 43 B
215 B 133ms
133ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=21b4ac1c-7034-3f3b-55da-f3c239bf2202&tv=%7Bc:gcG2E4,pingTime:-8,time:38,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:38,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvCS+11%7C121%7C122%7C123%7C124%7C13%7C14%7C151%7C152%7C1531%7C161%7C162%7C163%7C1711%7C1712%7C18*.990511-61634097%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:37%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DB3 0
20 B 98ms
98ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjnXwE1OTZM7LHsS1-gbhuaPYCgAAAAA4AeAEAg&bg=!SUqlSh7NAAYQ3eRoMN07ADkAdvg8WnbRl2SPy0Tq0jVOJgacQd2oTlYix70PDOO8-7niQpCeuUlKSylJWnqTBya2B5Jzlc19j9ICAAACN1IAAAAEaAEHmQLzAHw17d2Uzdl11kzQnDf7eGNpWAPekGQv8ygY2A5rM7K5cdvsPevVA8ivVmBqcK5C0rEuDkzj9dp9-ZeIIdssHqCmNIixw6zGWzAmfh4hcNRv2njnhpRrh-YtyLL-9tl_R3U4r4lPdfET46TVIow77IXBlMuBiaxpg9BNOXSSFS1iRkIyrkS367t6K5zulXgpQXGNd5pGvL_VrRzNM79LJPZ59fZ3IuG5e04dTtgg-aLV60O2qV9q1omWYgzQf7mk9JW255RE69WAFNZ8azPnBBVw2V8UOlVXMQVSJhAtIMnTD5qiS9MIKfTZVseFUB6l_37m4D1zZmMYenQyVZfn5DXADwg4wwoYAOVeqjXdfs5OEgFi5d2bnUAd80sxxJ2t8YXrMU_FWCflinCw0ZNOlnhbjFFcUm6Lwzyg5_hh6Qy7H0XzKmEQcpriSguOB3onkC32jTZpq2K0p-ofYcjAXhCC6e6n_DwNghXMTe8xMC8KBjdjdLhIipjOr9CeBe381WZSMCdQC43DVjkb9JeCpLMnXSBVOTP4ylUrxvdnaoxkMFgZLGE_z7TDmjlwUiPCvOlAvn9f_iu1PoxReirn9Anz0H21RMCMmXVHa8NsuhuVBvX7XW_VV4AP9aY7axZflW6dcm960RyZr3DyITYx95lWhnIdBWd3DueCjFe0nGjihKh6dPeetoSu7reAXOZfIeDh83TNMNBYYYZydOpJT8tDiyCpH-jAjrgy0k5Z11LMFYXOhO2qWWGat4steI32db9v42Wh3dyZsq3I7D0t-ytbPN9MLX9dRYep4wFsjvZ25mdrMzBve38mq22jBvOzrZqoGr3hQW9zwZkzlnayTfaoDnhWZ6_FdamNnAfoFyTEURxtSCqGJgjxU5qL7Ts6XJIO_Ap9u0-Bq16YPi3tv-Hl5iDLAfCjfseOjiCSxHBr2jZztDVcnzjsT7JCxP3ddmRCPDBvklGhMrjKpdcolOBvHoWbrQuy4_mhi8O6c902lBA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 129A 43 B
215 B 132ms
131ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=21b4ac1c-7034-3f3b-55da-f3c239bf2202&tv=%7Bc:gcG2ER,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvCS+11%7C121%7C122%7C123%7C124%7C13%7C14%7C151%7C152%7C1531%7C161%7C162%7C163%7C1711%7C1712%7C18*.990511-61634097%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:37%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 129A 43 B
215 B 131ms
131ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=21b4ac1c-7034-3f3b-55da-f3c239bf2202&tv=%7Bc:gcG2ES,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvCS+11%7C121%7C122%7C123%7C124%7C13%7C14%7C151%7C152%7C1531%7C161%7C162%7C163%7C1711%7C1712%7C18*.990511-61634097%7C181%7C182%7C183%7C184,idMap:18*,rmeas:1,rend:0,renddet:DIV,siq:37%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0E12 29 KB
10 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11054544220910830971/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Jun 2023 19:40:49 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 129A 43 B
215 B 132ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=21b4ac1c-7034-3f3b-55da-f3c239bf2202&tv=%7Bc:gcG2FQ,pingTime:-2,time:148,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:925,beZ:927,mfA:929,cmA:931,inA:931,inZ:936,prA:936,prZ:955,si:962,poA:964,poZ:998,cmZ:998,mfZ:998,loA:1013,loZ:1017,ltA:1073,ltZ:1073%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:35%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:35,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C151%7C152%7C1531%7C16.1316115-71738579%7C161%7C162%7C163%7C1711%7C1712%7C18*.990511-61634097%7C181%7C182%7C183%7C184,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:37,sinceFw:109,readyFired:true%7D&br=c
Requested by: Host: 98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
URL: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 132ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2Hu,pingTime:-10,time:1027,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687376661049%7C%7Cb29ca3e37c3be13de036fc72dc391151%7C%7C8623b242deb4313525321dba17b62725%7C%7C149ebde78b2e156272c067ea70412222%7C%7Ce9ebdbdd5567889f130fe2932dab1b0d%7C%7C1577f94557617d1322c622499f4ff073%7C%7C75f2fa8aa56b4980f085569d06630783%7C%7C3ba54b71cdd019b21ab66e9d3d28e220%7C%7C1663701684,im:%7BpWait:44,pLoad:546,pci:%7Btdr:582%7D%7D,sca:%7Bspg:9957c9e5-171b-6ed7-b70b-f811616929c7%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2186 37 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fAtTGskzFlJa5Ldh3SiPbiLEXcXjYWf8ZG_gkYEl2B0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 19:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 19:34:39 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 129A 0
26 B 91ms
91ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssCuSMb3gvHOB30Yzc87wnS1wBpSMpM8z5U63HxAopeTUda1Hkwf90I31zvQ2DyrJX-a9xixjK0n0c-75h7Vppp56i3lfNkYftCx-A2J-74jvgP23AvfiNoZE-_2fh-msolVun0Uq_-cyxvlTd2XVijev1CpSSrumk_0lNFKoybAhrp&sai=AMfl-YRnh_eGA9jngxG4__x99Xllhxza9znjmKS6iNS4JpXERXL9V17dctu3pqdz50Zd5NCNmmlimnzmXyJQ6WqsTZvVWoXhqzPH8Ew0eu31Ps740FnBbuquMcuJFlVHDvY&sig=Cg0ArKJSzBNzoYnMZH3ZEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_970x250.js Show response
static.adsafeprotected.com/ Frame 5CCC 3 KB
2 KB 40ms
40ms Script
application/javascript 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_970x250.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: .AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding: gzip
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
date: Wed, 21 Jun 2023 14:15:07 GMT
x-amz-cf-pop: MXP63-P1
age: 19758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:56 GMT
server: AmazonS3
etag: W/"094948b2d1170876fb8e76e432d87da6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: t0KfSIruplYUi1SoIqLXNVrSbSpLICgYC-ogrK6Exwb4dTS60ayoPA==

GET
H2 200 IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 5CCC 28 KB
29 KB 44ms
44ms Image
image/png 2600:9000:2246:b600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/passback_970x250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2246:b600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date: Sun, 18 Jun 2023 15:02:29 GMT
via: 1.1 3889464930fc240ec6e67dcf9392dcc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P1
age: 276114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 28949
last-modified: Fri, 18 Feb 2022 23:29:18 GMT
server: AmazonS3
etag: "9d3f43da9d0d0679ec0dfea58b2f1d45"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: U4LWIeJwtfDzjsrDZ0NJeddGgsw60dFdJW3D9J-QH9mnYF6g-BeOwg==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 68FA 0
20 B 102ms
102ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3jnZFFOTZNPJC9GD4gHM776QBgAAAAA4AeAEAg&bg=!dHeldyPNAAYQ3eRoMN07ADkAdvg8WukM25LVdvx3oxOHTjTIvU_68C17vVTf93ijLRhlwMEPE_WVp-M4WV5SO92ZZJbv-YSAzb0CAAAB4VIAAAADaAEHCgBV03uIkZ9IuQWUnUeCg3hMgB14YZvdNbd2sYYF-8b-AhTh8Jch-GJ820CuM0oUg73O4WZrNmYkfMmfgWK0b1VX-wvFF2_M9_yjtUnkK5_loPPl5e9zSJkDCCPkgn74a_jqhXtdmyWwM7-OOiS5fcNNHwjR57JcA6Kqrt0q6Yxu-oJqOLUNmjxo6VVQfosvZ5T52izKqrxriEgdoux7dbFubyNLJlMEn3L0OvhY66UB5mw3O0Bx2BHOTDwEfyhwHBppt6-mmMLwvE5XeHY2-8x0lQvSdGtYvUOqEt8vd1htuGoKqxbuh5b8Ct9IC-vzDveTc_WC7MikW8gnDxQbw1X3Vl6WvXJq_Y96ZiX3xj8zhJZP3wwerkDbsizLQVRDdy6aoRQfaQ3tA-4uOV82R9qzN7Jt6xftWLt9CBFKYTTzkFgx6x3JYo9iFrqBXUtDYAyu-8Vbj9sayTmuws2k-o8ysoFPJ-USc58aBt40zRZ09tfzy4nOh7r2U_0zVIX5hmpWfNWLqyWG8ZVttkSfZIxOEkVi9E80ySbzvsNEx6uy7ihiuphaGnsC4uN5Dt455ZrpsIiCflu21dGkxcgucB0RdAiCTRnXhKzgkB-JrBd9I7vVFJ2GAwj670mxAVWw-95ARH1ZOgh1bMp7CKN53UzSpJWJVvvNShxv9zhLEuTaSwrk3buDV6TjJQC3gjZdAuTdxYbxntok-RRoKmqjqU04cl30-cIgI6SpMnbou_0uABf5_p3NBs8KaAH5ArspEMf3l_1cCpRsDQKLCNzkcxvq9K5PeIlxxuE1DyZdSYwnzM9V9cilgAAYaX9QO_EDwNVCRda0QJFKBYM9m4KohSQMW_alNe7XWVD1a5Mv6T1e4VqxC8wmalWuSfCZ4wrHYWwhKDcr6zY7OMCVcO8w-RFOj_y0vmK16tbLsGi0BxlaU4du-HDE5gOc3v0lUbOZHmLYvCNcl-lGqB9TbCE7DV20rq5bvQUMtzPFqgjRz_0tU7uyXaYVQHkrufQDYUAJjg30jL50LzQdYEIoxaRvcJfVPR4lXw9FyKix8cH1u15IIAgarBWsIt8hwRS0NR7vBvmQKmJawA3z6L9ul6N5EkvAdHG8NBQMAplS8UWoqJhjh4ZhVmxUS_SDe1qzp28bIKSC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCA0 42 B
64 B 96ms
96ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmc20yyZIO0-z-fN4g6lkhg4P992oZPY97g67h1b8xghEOoDDdq5TufyayC0r93Dl2-Zm92zlaOAXYh9mCh3LJyOVPGau-ErqowodwIA1Tcd8NPaGEI8M6T5StGgHtU_5q3aeCy7OHl5nk&sai=AMfl-YRo0u0gYAwkMDI47T0LxR3Qe-0_G56aeg1YqZ6Jr0p2Lr3H-ehCujBDccFTPSDbuLod5F1XMdVM3SctdotjKrTzMcw2zSVEHAl1RkEqiKU4-ms9R-WsMdWQZ7OWafYdKUd400yzE_rIVMer&sig=Cg0ArKJSzIGBwF_9xhcLEAE&cid=CAQSSwBygQiDyg92xQah2kozPVojg38GI2zn33NaunNcaxwAFXEYLyqlXXC0eYJPJi6VElHZWBTu4Nr14r4WgAb1bj_Kp3Co7HRri1BlkBgB&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=396462409&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376659830&rpt=852&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 129A 0
0 96ms
95ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOQlvAjh_Y9-6DkshxyLYgLuAYAWa51CzWb3ALYCWUGRq93B5evAQURlPT1AX7kOyULqXNclNxBY0WkGGE93zQAu5FACgHL9vvvKl72FYtvjxrahgLxzOU56pE1Rfmm3NkKoyBHJyBuu-vaPNgIQGiOcAU3NWszfGxMmoF8GAQGr0Pm40gsrR6ollbcbhD9mDPZzX7M-vXXCzDWpQcz9FkMfHL1TK-s6lP9Mjeu2HuFQR7iedTUxmBmjR6OZG6aqDnbQOr92cbrb_tCz1VEoXR0FtzUe3BlSZBJ3sbHfASQ7z7eZ23lRuKXi1dVOgxBZOsbJ0q0avK-kNVw2vJWL_KfoVB2iAnpUPlwLwbqbijqQaN2UkuLU49KHgSZphh77OoSn-OcUmhq2a8PgDNNTb5kqtLcj8wXYKfykuzyftfcReyZLujGZWWn-DSE-nSMRfexq5rgK2vohY67vQ2QLM7vkIKufHFsTJJPcU6UJBEKtDzgTKl-RdoKTVKPrdeDKSGiMDLKDi4S3qJvWD5U0xzB8C-g7ZO7xJRjwE28PfoAa9eZeOweQ0qMnN_1Re5IvpEZQQFpIbnjWvHD75Z4Nu_AVZdG2njs_EFMXMax7hEWBdxQKtqW_WPOnGrdbXw3rZ3GkKfpKEW0bI-OxXZ4JtT39gmYdIpNNwunvFY5n1FmhO3wHIFl-xsuoAPwtGX6LdpSB80DkEy5ceabYs2HXA95d3RunX4ltY32PWhYSKwEaOr2q0zOiylPQOWBIKBc50iRnRVnk-G9845TCTvcs-qjWZxd3_nN_nYG4rbA-BE4-45mTB_0WSUa9D2kqB-Qq-mNTb3J3jw7XBiEABXA5gTwAfZr4SyvRvhu90a9wRVoTa2tCzgPTW2ECNyE9MvXqdOWad4qmy_dOjCao912KEW5pSBvgEzzua8qTRDBNVUVH3KKSoRk17VNnD9E8deJCFhdZpaoRajPqJQnYP7k8MSsK9eudtfxwPI6BZ747mWN2ki_qalq0sVA01zYi51y_4a7VirC-7QybKj0iPuA9XXQpO1V3VTGxKTMvlqmWV9DFdxhBZdSNkspQVQ8f-ePup4KSEmrhFXcX-OUuMY8VG9G2Aw0MCY9jnmnqAAYBDPCgpSY544qKHtrf_3-cKHGz0zAMV9ZlaQbKDyFaAuN5jPpTAXM3muN19BUO80-gt7ILhR6wYsaDtVxh1tB6TMBpbX9O9bLya14hZxK_108x8bxfg4aZDsU2015Z0Do-Pk0b1cCs_GGCBPsBhfCRXQGdYlDEalj_uUfo2pdIrAedmK3XcMInOoSUT6mWs3sxTIIysu_4iA7XaQTi0FvMwKfsQq5hG17lQ&sai=AMfl-YSvDehGAGGpVvA-k6FiVCian7C6vX54mcoJL26dVGD8h9Y3muJtI_AJBF7-FoU4ourE0UCWW4dXh_nA26CblldOHwIRXZjXXH-dOvFlrWHExGmnMzXBYllPrKfFNaNr8Cg_hKt4WlmxpDvDUHW27PJK9Vgij_NOdzxvtJv6ZXDBga51Cz40i_mTFZRitHxfST5KonWdd-PDbx183c27DwMVvdcaghY1rNHXJhtV6NI3zTIWa_osSsQSpRiyY3IhVWQCHUE&sig=Cg0ArKJSzIZktfb9SFvmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=710&vt=11&dtpt=500&dett=4&cstd=208&cisv=r20230620.71757&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Jun 2023 19:44:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66FF 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeHWNFFOTZIqdE8ST4gGBv7KoBgAAAAA4AeAEAg&bg=!nJ-ln8vNAAYQ3eRoMN07ADkAdvg8WqWZp7sSmUBYmwj1O-jA9wFNFcXj_F0krXbMFYb-NBPltTGcvlFn7kyTIrTG591H130WSywCAAABdVIAAAAEaAEHCgAZb9hxKheDw5xcBjtsi3GHfi0g3bA6j0zQt5kC_bCnkw9lEH6zzPU0lAnswl2zFxlD4IcaroMMG_AykiTeDA0rWq7aER3RT4aP01Oqw1GJlDIqKsS53nO9nOVHu1uWIR0lItjVVnJv98MHSTfzoqosW9LKiEapKFEK1zuZubq_qGuX_53crzwN3Tg8uikInLYjVuLYcPCqZFkSJhI9nQAWekbhcHp0f5TJC7wfrt5I2nhD_W_jthwYIsGOlzLY83zUyPfKhlcAP63mO-I2EYQMbgwfJJXW6tSJiusTGldheifoGXoKU5SrdGRSJRb2GoDA_lVcn9sgR3DFm8dk5wsmPtqsA0l1QBf-EPcfDTc9sqf7nerBdx15nVZpSKg3b0SFQEqZnr9RJJudrvncctq5liAHOr9YZtddvb_NR2JK9-F-jk2caCVoTcNGKrYtXp3QAimGzJBZiJ9vCwc7v3g8b_06_t-W-bst-2nhQc6JJzd3FA_1zr99XN4IgiwGxmBv2UyLv4NQe5LtCDEM3f4Io2cL05YLNIL2Isa40G037DceSOhtFV57UgJjumnWji2qXretkOB3IN2YsJrPg5AG8892TqE4-MF9RTwcL5G9JABTXKq7Zhh6gEQUjh26opYBR_jr6o_NzSzYdppyQ8t_xZs36O9W4x6IIJJn35T7_dItJ2uAdQDUiUOh9zHJftcZUcTM5MkwPlnO2UQ7ojDMGWoJ_9kXVGL2ReR8SlWsZASmgVrhRQFke9tf3vkGqyCGox_Awkm2IcPkqV4C7LNFNUcjaE7wXxIe4k3dy34JCI4q7i4HefrBFSdqcmaVRccoHmuQ6ijRJ961WvJyECXGWG2c0uh4axWrNowFr5DhFYWUtofk_2xM-SQOidKull0V5VF1APhZp3m7nIFs31WMv65U5Nsil2-7TIx3MDyFM4wa2GLgGmtL266-rBC4PuNWOG4CaoUFlGKRRsySyRFF3o0dq7xF2Nqes_znI7GydIR6WYN9mjVV4YrEkoLvOcb6NWyNxoSNhvwsz9MvPtVdn9CirXMhPmTDHA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2186 0
20 B 94ms
94ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKhF8FFOTZMWkNv6yx_APp_qUIAAAAAA4AeAEAg&bg=!EhGlEUXNAAYQ3eRoMN07ADkAdvg8WhzwII_BM8kVQrQH4dfttr23WVJAujoerGeSotL_LqUlW6f4gox9mO6Nut2JTEmH6qJoQ_0CAAAAu1IAAAAEaAEHCgAWUN42W0SCjuW0TWW4tygkCUCc6ELyhZkC77OmLSjJ3N7HDDk3L5cYJvmi0L6B2PFgKl2miWQ6uwCmKcK9HU1TYzySe92smTAQZLGXgUs2YoliqirAEa6791H0JjHqYZyZXuevXjSLKSOwb8w3VdeyaEBVCM70LYjipNsx1YbZuHxsvdDXN0tv1xxYpivCnXVjdRHA9kBllNXwi9TRmUSlZQusXMp0q7AEjbOd5Uq7cARiNk4yAb_ZXP_4nP5XDRFYNN9D_NQrWkio_8MT7_yvic7A0c5qpxuqtuPSfwYvhIHJlZTevjw_ludeoDO723EmY2flkswjWlCKZc7q-b-Mtfmy5sWjnAmqWTu9kRHJB0kgLKDGTEaDwMgO-xqPIvKnkAz55JP4uIUGZnpChYFbQMVrSDFavW5ASnZPmqPtbsEg5imSSuzGOOw3Zt9x4JbDYs1tm0lMXbaHL0p75vqb2fmotbz6Jo3KD6EzgeYFKFX7tTT4lEWao8g4bfpfDVDvRceYlBOgXAOmbtGzNwuaRlR85W8ontF14uPAn2K_rF2ikeNrfVD6pO6nbsD54EtVM0ZmIeOEekopGeZAD6ydatYkVxtD7f-tVslLRqWwhBoGApHn3XrxdTCJN7UwpwsRFH3NeB6sH-cKKFVV5GNw2yZbR70W2K7Zu2cOjVICVPoeE5yRJ39HpaKrJ9_txRSm-AY2Ipkt3vV2yDNqISiWwNqQ_twrivazQlcRZFEiqdt6yEwX5p5rakSJEiOaogY0jN9vEnSfCgPiuxIRePICubpT9x1-LQNnou46YjwYfXhMlROsTB2cSiJFotoIE_ezrKHJ9xK7zUGETWlS-7g-C-qgthTzvsZmDWxLX-yWZpNqtDPBY4ui1rTXanm-e-D7JyA9tsM4WbwcXpRKl2M5tNXainro5Rym7fUD97SJeLlHUn95gowQc-391eijB-ToZ_Gjpor5gQmfdTkLhaGsWjXkvDyyWvL21CLNf-PhkDCBD68tVtIv7xMxRjX_1JlPidMCmw6HQv8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C7E 0
20 B 95ms
94ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4311450634710&version=m202301230201&ct=76&x=1&cor=7508964173973863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39CD 0
20 B 95ms
95ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6992822499407&version=m202301230201&ct=76&x=1&cor=3731352434064825300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 39CD 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqJz-1sUuuhXn0zr9CY4XZs99Y3NaoCYbQ4QAql45f4zm5b0yLbXxJgZSUjOmKi4H52LIDKNh2mkFu9BawSUEC7s3_fN2wfx2EVMMK2ya-Nw3qRAzxDbVAciwixII-yj3zmtv44qtnv2xu&sai=AMfl-YTZf_JH8mQtKWuidlbRmmRY00heODInDfGcW3BZlTJasH81kfwrGsCStgaR6M9U6aq1MZbfQL5nRhp5qfq4CknCeTpPwwqO_o4fIyyEvgScjXwbkumGb_VhhX3oDdGJxEJ57gT3x4oA2h_d&sig=Cg0ArKJSzJdpIi2_BIDGEAE&cid=CAQSSwBygQiDMl32H7r-qZopKVdwkgyUAya8ccQj1XQ0q22jOm-KEnHd5V8prh1vR3dnWDylj3bYtn-xBacL55b-QBeT8h8fbEvTodEK5RgB&id=lidar2&mcvt=1054&p=153,33,757,193&mtos=0,1054,1054,1054,1054&tos=0,1054,0,0,0&v=20230620&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1502987301&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687376659630&rpt=1379&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/14271075340965742532/ Frame E138 175 KB
31 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14271075340965742532/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f30d9448f281913b2e68bc84f89dc0c3fc1950b335815cfbaf3eff61e061167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 06:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32011
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 08:39:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 06:03:11 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCA0 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=810243337530&version=m202301230201&ct=76&x=1&cor=2612037504747888600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 133ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2Tg,pingTime:1,time:1757,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1057,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B690~0%5D,as:%5B690~160.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1057~100%5D,as:%5B1057~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C18.990511-61634097%7C1811%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:63,sis:401%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 131ms
131ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG2Th,pingTime:1,time:1758,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1058,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B690~0%5D,as:%5B690~160.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1058~100%5D,as:%5B1058~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C18.990511-61634097%7C1811%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:63,sis:401%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/14271075340965742532/ Frame E138 7 KB
2 KB 57ms
57ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14271075340965742532/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

852290a273dbe2f455180e9ec6f84de9a9d51d9d222ca8fe45e1f1cc59427964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 06:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2452
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 08:39:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 06:03:11 GMT

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/14271075340965742532/images/ Frame E138 18 KB
18 KB 57ms
57ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14271075340965742532/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ccd50e678e7b80603c6686674a216bee9c3067eb3d2d98e00a14ecf190e2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 06:03:11 GMT
x-content-type-options: nosniff
age: 135671
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18534
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 08:39:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 06:03:11 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/14271075340965742532/images/ Frame E138 97 KB
97 KB 58ms
57ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14271075340965742532/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5afcfe6baae2282fe3e215a449866cf584f3c12424e3092bfa3c5a6a9c54ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14271075340965742532/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 06:03:08 GMT
x-content-type-options: nosniff
age: 135674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98916
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 08:39:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jun 2024 06:03:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 129A 0
20 B 92ms
91ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4567249247477&version=m202301230201&ct=76&x=1&cor=17938660863957225000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 129A 43 B
215 B 138ms
138ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=21b4ac1c-7034-3f3b-55da-f3c239bf2202&tv=%7Bc:gcG39y,pingTime:-10,time:1990,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687376661049%7C%7Cb29ca3e37c3be13de036fc72dc391151%7C%7C8623b242deb4313525321dba17b62725%7C%7C149ebde78b2e156272c067ea70412222%7C%7Ce9ebdbdd5567889f130fe2932dab1b0d%7C%7C1577f94557617d1322c622499f4ff073%7C%7C75f2fa8aa56b4980f085569d06630783%7C%7C3ba54b71cdd019b21ab66e9d3d28e220%7C%7C1663701684,sca:%7Bspg:9957c9e5-171b-6ed7-b70b-f811616929c7%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:23 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 34ms
33ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3G92ST5T0Z&gtm=45je36e2&_p=868516779&cid=2032561920.1687376659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&ngs=1&sid=1687376658&sct=1&seg=0&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=Ensonhaber%20%E2%80%93%20Son%20Dakika%20Haber%2C%20G%C3%BCncel%20Haberler&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3G92ST5T0Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 132ms
132ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG3VB,pingTime:5,time:5746,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5046,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B690~0%5D,as:%5B690~160.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5046~100%5D,as:%5B5046~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:137,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C18.990511-61634097%7C1811%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:63,sis:401%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:26 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 39CD 43 B
215 B 134ms
133ms Image
image/gif 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1316115&asId=2e7b0935-97c2-1aad-bd45-93616b00e3fe&tv=%7Bc:gcG3VC,pingTime:5,time:5747,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:62%7D,%7Bpiv:100,vs:i,r:,t:700%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5047,o:700,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:62,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B690~0%5D,as:%5B690~160.600%5D%7D%7D,%7Bsl:i,t:700,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5047~100%5D,as:%5B5047~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:137,fm:tHQwvjb+11%7C12.1431402-70901275%7C121%7C122%7C123%7C124%7C13%7C14%7C15%7C16*.1316115-71738579%7C161%7C171%7C18.990511-61634097%7C1811%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:63,sis:401%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jun 2023 19:44:26 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 aksarayda-kayinpeder-dehseti-damadini-bicakladi_34315378.jpg
icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/21/ 63 KB
63 KB 44ms
43ms Image
image/jpeg 2606:4700:10::6816:3e4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/382x450-85/resimler/diger/kok/2023/06/21/aksarayda-kayinpeder-dehseti-damadini-bicakladi_34315378.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3e4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b0f99a25ed4cce62a4f679d89bdf6cd73ebb92a6ca38fb6fd8103f8cbf1ef62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 19:44:26 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 4036
cf-polished: origSize=66763
x-vtex-cache-status-nginx-thumbor: MISS
content-length: 64258
x-msg-cdn: TT12
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e16facefd2ce9b59216e25e5fd908d419f25b2a3"
vary: Accept-Encoding
content-type: image/jpeg
x-msg-esh: crop
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7daebf06fe0d9016-FRA
esh2: 382
expires: Thu, 20 Jun 2024 18:36:21 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ensonhaber.com/	1970-01-20 22:18:56	Name: _ga Value: GA1.1.2032561920.1687376659
.ensonhaber.com/	1970-01-20 14:52:32	Name: _gcl_au Value: 1.1.183430784.1687376659
.doubleclick.net/	1970-01-20 22:04:32	Name: IDE Value: AHWqTUm3Q6NNQ_MxQbmaELvlQOzAA3W5M22NCBrFpkUQZxJXUf1hXangEVAl4f4K
.criteo.com/	1970-01-20 22:04:32	Name: uid Value: fce8aea3-8d6d-4425-a034-a24268a3b6fc
.adnxs.com/	1970-01-20 14:52:32	Name: uuid2 Value: 8255147706017798307
.casalemedia.com/	1970-01-20 21:28:32	Name: CMID Value: ZJNTE988aGjkSbfY1GtEaQAA
.casalemedia.com/	1970-01-20 14:52:32	Name: CMPS Value: 5214
.casalemedia.com/	1970-01-20 14:52:32	Name: CMPRO Value: 5214
.ensonhaber.com/	1970-01-20 22:04:32	Name: cto_bundle Value: 9cyMml9saVhLSmt6ZzV3Q1YyTWRuQXY5TnZRYkZhYkJuS2dENjVQak52bzgxVjQlMkZNM2lQaVZrblRuOUdGdzlZY1p0b2ZpZjhyb2hWRVlOcUhOcER1OE5xYTBlQllaSkdpeFpPcWF6SDZublZXZEd2JTJGQTZ5TmpKSnVtSHN3V0dSVjZ6cHFsM3BtU2VUN1Z2YVp1dm1zd1BadndnJTNEJTNE
.ensonhaber.com/	1970-01-20 22:04:32	Name: __gads Value: ID=3b8dbebd8bc5adcf:T=1687376658:RT=1687376658:S=ALNI_MaVU8I86OGf818cuTbaCYC2IDVd8A
.ensonhaber.com/	1970-01-20 22:04:32	Name: __gpi Value: UID=00000c4ca11aba09:T=1687376658:RT=1687376658:S=ALNI_MYZcCLsiFhrxFIplpKMxBtIRA1E2Q
.adnxs.com/	1970-01-20 14:52:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVSghM!o!]taq8i_iqf!oN/@E'zz<Z0QUeT6<uGvSUOF-^7mbXkN0h?_1.(DK>gOddOTD._PlZ[C[-kX-/_TVo
.ensonhaber.com/	1970-01-20 22:18:56	Name: _ga_3G92ST5T0Z Value: GS1.1.1687376658.1.0.1687376660.0.0.0
m.exactag.com/	1970-01-20 14:52:32	Name: exactag_new_gk Value: 40c294b23f3a48d486ce75f7b8dcc471%7C20.08.2023%2019%3A44%3A20
m.exactag.com/	1970-01-20 17:02:08	Name: exactag_new_uk Value: a94899ae74674341a009ed42e5a07b89%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: b39ea9dd23004417a3e9a4fe
.yahoo.com/	1970-01-20 21:28:54	Name: A3 Value: d=AQABBBRTk2QCEF8fJL19d56Lmtarep3qqmAFEgEBAQGklGSdZOAYyiMA_eMAAA&S=AQAAAmFaMjSqKtRtLkRORyXRXgA
.demdex.net/	1970-01-20 17:02:08	Name: demdex Value: 38118039356463048504052303583911164768
.doubleclick.net/	1970-01-20 12:43:00	Name: DSID Value: NO_DATA
.analytics.yahoo.com/	1970-01-20 21:28:32	Name: IDSYNC Value: 18yl~2ccj
.spotxchange.com/	1970-01-20 13:23:15	Name: audience Value: 044aaf95-106c-11ee-8c20-143d56a10506
.skydeutschland.demdex.net/	1970-01-20 17:02:08	Name: skydeutschland Value: 38118039356463048504052303583911164768
.bidswitch.net/	1970-01-20 21:28:32	Name: tuuid Value: 791dba59-75cc-437b-8c6d-df6a15c8a067
.bidswitch.net/	1970-01-20 21:28:32	Name: c Value: 1687376661
.bidswitch.net/	1970-01-20 21:28:32	Name: tuuid_lu Value: 1687376661
match.sharethrough.com/	1970-01-20 12:53:01	Name: AWSALBCORS Value: bLqS5sei+cjzRqgNp9ViJgmyh0IA8wOxk51BgIZm95PuxQaPlfn4F7QUu7TVKOmYuoOqL4C5F8v3u4kGTHvj6DXdUqUWX+a65bwEGxhDuYJ0MCGQWcCaZcm7OjTb
.pubmatic.com/	1970-01-20 12:44:23	Name: KTPCACOOKIE Value: YES
.de17a.com/	1970-01-20 21:21:20	Name: guid Value: 1.8032792093627674613
.pubmatic.com/	1970-01-20 21:28:32	Name: KADUSERCOOKIE Value: 05FB0696-77B1-4315-9F69-3C1629110659
.everesttech.net/	1970-01-20 21:28:32	Name: everest_g_v2 Value: g_surferid~ZJNTFQATlbxCbQBa
.yieldmo.com/	1970-01-20 21:28:32	Name: yieldmo_id Value: gd3c5b7c54c5d3c7e7a5%7C1687376661449%7C0%7C
.rfihub.com/	1970-01-20 22:04:32	Name: eud Value: H4sIAAAAAAAA_1vFwmtoZmFubG5mZmZobmoEAPSGIfsQAAAA
.rfihub.com/	1970-01-20 22:04:32	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3Mja3NDE2MjEwsBDiM9RNdM3PTk3KLg6N1DUEAEIt2sglAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3Mja3NDE2MjEwsBDiM9RNdM3PTk3KLg6N1DUEAEIt2sglAAAA
.id5-sync.com/	1970-01-20 12:42:56	Name: cf Value:
.id5-sync.com/	1970-01-20 12:42:56	Name: cip Value:
.id5-sync.com/	1970-01-20 12:42:56	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:42:56	Name: car Value:
.id5-sync.com/	1970-01-20 12:42:56	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:42:56	Name: callback Value:

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s.ensonhaber.com/assets/js/home.min.js?v=3.14.62_110bdcf(Line 9) Message: WebSocket connection to 'wss://ws01.ensonhaber.com/finance' failed: Error during WebSocket handshake: Unexpected response code: 500

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

98e2ff2563fbe36042a0c4e9cf766020.safeframe.googlesyndication.com
accounts.google.com
ads.yieldmo.com
adservice.google.com
api-stg.ensonhaber.com
cdn-ima.33across.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ensonhaber.com
esp.rtbhouse.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
icdn.ensonhaber.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
m.exactag.com
match.sharethrough.com
mug.criteo.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
region1.google-analytics.com
s.ensonhaber.com
s0.2mdn.net
securepubads.g.doubleclick.net
skydeutschland.demdex.net
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.inmobi.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.ensonhaber.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.75.89.75
142.250.186.130
151.101.130.49
162.19.138.83
172.217.18.98
172.64.152.222
178.250.1.11
185.64.190.78
185.80.39.216
185.94.180.125
193.0.160.130
20.127.253.7
2001:4860:4802:32::36
213.155.156.183
213.202.235.9
2600:1f18:1aca:4282:ee2b:77cb:4e8c:39bd
2600:9000:2246:b600:8:48e:53c0:93a1
2606:4700:10::6816:3e4e
2606:4700:10::ac43:28c4
2606:4700::6811:180e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200d
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2003
2a02:2638:3::c
2a02:2638:d::2
3.121.106.141
3.71.149.231
34.96.70.87
35.190.39.111
35.244.159.8
37.252.171.85
52.17.92.218
52.213.231.241
52.29.94.107
54.76.254.97
89.187.169.43
009d4ceeb1168ae5d225f0898ba84f53743d9051b32b5a016bc7c867f32f0c5c
00f209e5346c214d363ba40bcb0d7dabfad704152bb606c4c9602e379bd42d0e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01e1caf58394f459b15a0754ea42341ff3c697adc5eb4c077f6d9af374654b0c
031e03ec474bfd9ef7c5a678378f1aa70588f5a62af4d2a8ffa4f802e48b7386
04d25c94e5b545a1327fe6f47eb2fb86006fcd9dba9d946dd2a4be74e9a1a15f
05ec57e3bf50c723dd83849e24de2ddd91ee49fb7c72c3a80e4061eb723cacde
0766cc8115ac2b7e68cfa59253b7b29c5604a4f0c84d40449c79eb88d132bec1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca8877766a4fcd6665a6fd63e69359eb0d19d47df34e399d34345c12e00db4c
0f30d9448f281913b2e68bc84f89dc0c3fc1950b335815cfbaf3eff61e061167
102b58b4e227d81042c84d5eccdb17a607b87d33b01c258c1f820fe9bcc18b61
10c2718b5a8f0a342627ce1e4da4ee9ab45fcc24cff760530da5a33d2db6cdf4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fc5122908ed58f8a0595d3c00f9202b406d774b2b6ecd834bfba408a374da
12bcad3deadc62829c01d1c4854713a237a74515c550c48b8cdab9e6e1bc9996
13340dfc25a96d245772fb41c7aa01c32723b80d8dd8240864b747610d2ff745
13cab061ea47f0fe6c3fd6b37e6728beb40dc447c3086aef9ba1132eb0df6490
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
165116fa9d435175a18a09378e9f9353cb92f627c99f8e2734b43a1be15d8f74
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18716a69ac05e85bcd36f171cf3517c6f86c48d2814cd715b8f212e1f93c845f
19548f8289d4b24aa28abbf3cbef12890c91a15372c0bf741630b3c51bf93a7b
1b18344098c7beeb17792064f962b0325c6fe6b6b6e2708a521f346b71d4d283
1b2599c7408f672895dac31c17dbd28b97e2a893a9e08355beab0484d06fd2c5
1b86bb840a36f6a4bd1b1ff4f64f3b62acc8b7b8a868bbdbd9f5a24c6bdb0ddf
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c7853a5a83fb94706e5a73a94898dddd2c9bd90650a0db680c84897c99ceffe
1f43af206870986a648b5db6570c0488ead3ab087202e82168e57a73af4b5124
221dd58a59c7638834d100001d3c2b61befdafb3b2f65e06cf1c9926b8a081ef
2302716051f0963269ff25431c4c06772a2fd6fb9ea23f7ad5d5d5eb4f13478e
24de6e7c25795d004fd01b1b2b3345ae1c7514858fe2a2e99de90324e3f42898
276e17bfb22e4bda39154fcf2fe17921a530e3b7c5697d92c09348e1ba60d042
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0a8c318709b662988173b2343311cff1342159884ea66bb2f6a98287ca916f
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
2f2688eeeeb6d99e09adc5d8aeea2963fe4034ca8f98f639f24dea4e0d0f7d16
309abe44eb60bb130df184f61f443953cd3fcbc5b909dd005ec72b3b15021c75
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d75b8d9906e4fe046307d507ff6d1893ed34d99a6f28f931301ed5d296728b
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
345b7b8da6f10a856720fd05570e1caa0e745fded85e2e51d27bd7c2b6da2398
34df2cadac0444599fe032eaa1b5d521809cbb2dc76c7368b66405217c7a67e3
35a3e77e6c3daacec81193aa4a6c42c941b2db63f14ef430cb3f4fad6ef9a44c
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a1a47d73652bcc5b2be7cd02ffb055ac5a14d3424d949d1f9232a09d2720db0
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b0f99a25ed4cce62a4f679d89bdf6cd73ebb92a6ca38fb6fd8103f8cbf1ef62
3b81932a73af887454276597e15a0db776f26caa5888197d7bcca2b9647f6622
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d36e747eb562ccce4eb72ec40b80fe06798d30975f4951a04aef2c60def318b
416a4c85b488c3fe2ca26298fc13a4fec28626649939aeab1f5862a27e046cf0
41a27147fbfef41f281db7f00102b2b4860422aae427740623a145892f477160
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44390ffd4b53f31574a15edd86377376b061b7096ef0a5b1ff76da6dc4008ab6
44bd343862046968424f4d9db05d46c1e851bfca9c5005906894c157fde2473f
44e47e47c96c54501f577da9294014414a2f716ee0f6fa63a44f981be79337d2
45ccd50e678e7b80603c6686674a216bee9c3067eb3d2d98e00a14ecf190e2bf
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
466b0e5716a04e71a1e5978a7cce0155bbf91a46ac623f4d2709fd7937512c78
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dde986d501f11f0aece25ea490512c34f0fdff0104a4858b61eacda34c107d9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a42cf5d32fb8153b2f58d5ea30404e2c8cdac08e85153df1849682098c1cbb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
586e363f37521dcbfcd7ba32cc2305081db89c33d632f9db1cb95a6eaf092031
592726dcd36e27f1287a1ff2e6d14e5e68b928cd4eebed720c267d4633277286
5afcfe6baae2282fe3e215a449866cf584f3c12424e3092bfa3c5a6a9c54ea61
5b70d8eb19ca32d244e29e759e816c343be893232978532c9d5943f838e60e0b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d3a97eb0de0a03be74334808c5faad0ddb368de9dce18363702d500326f1a78
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642690da3a34058586de455c174c0ca0ac0cfe90621a06602a60fd94bd204218
65803b3152b8225540cdda2ae8e3a298ba9eb591cc35d9e7fe4b906b0f515ead
68c54025d4765832f03ef10c8468ca1d849ee429b51b4f264890e54ce27f66a2
6b05416d448486b4f4bb414d78be3b4a8f3666c7c51b8e6aa12e74ea35f10018
6c2d6ce4a7f2a02270cd2693256f756b8ed4e2c64f2eb6b9b33cbadd22cc2140
6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e
74d5ddb896390fbd0d379431074c833d31f208835ef558dd0ede1264e46a3a5f
7538cd7c33308dfe365b6eefb109cfd36d0995d8964fde129c7f0b2009891f78
768382b088c5cb58e4a670880ea33d6926e16ddb5923a937f41f660269c676d1
79574e015175b8ea2f0366b354be78ae5be45c89150d0a42b7bfa6c9963dd5cf
7b528d1158bcf6be370dbad4ee1ce2ab417c5e278d7729044659e11866226482
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7c0b531ac93316525ae4b761dd288f6e22c45dc5e36167fc646fe0918125d81d
7c19206c024726a36da0e04d60a41053c3151874c32953bb90c46e79a0908685
7c5a4091ad723f5a0ee361cb4ec5ce851d11ed195d220647fe3399e0fa9f570a
7d652237f8e2a4a8d6db749b8f9be7ebde3372967fb4454887ccf380460c369f
7fcc05e8697e4fa1b9af99a987029133c782d8ad781d6251ea097cd2dfc5ee3e
7fde7e8b896df8fe336a78b6e5f02646f8fd2e4c222ead991e575aa6c40adc8e
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
800532bf9b839ea479ad22d9735b2de456c113e98869f3d63cf92fe1643e469a
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
836b38cdbed3a29dc66669048e7c7f7588fbe2514f32b925a5f677e7c6722f36
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
852290a273dbe2f455180e9ec6f84de9a9d51d9d222ca8fe45e1f1cc59427964
86e812c5be86b790f559a1d2174a34961a3ad9a7171d514e72c66b966f11a060
88b1258dac80af1416de261b7b1ed0c629ba684d62b2217d6429c3c609c007d3
8b8da33976e16cb84f8ffe8224b95df6e90a1f81f604b99b0ed1b505c983f68b
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8ed948e6d6586fc5cfd9284799eb76290f6c6067a481efbb08e1720977b33c33
8f273840584f0246670b192fd23e6aac48cdad71d53ab3526d79f9fc90e88bb9
906cd3e196021347abd7bdd1b618fe4646399894b0cf13112da59dbd6957a81e
90980421e3762accc4e39e6d786c4fbf9cfc9b1e6bfc4a02550ef3fbbfc585f7
94ae49560f98f2b978bc4a2f3edf6cf5b89a9e8a8d05e7e6c47f06275d1b4d04
95e9b520e4fa4708a1c77240f74659b7964412a25f37c656cb1cb05cfed6b324
96ad4daa65142f22e17fd212940a4997af6e475206bd70a8da1a4e293f9c2d88
97a7980a664c89f5b5d3b500b6632a8c4ba82eafaeaa7747e4c0e8dda9311220
9838cf0fe876be799851d050135c445d90b5bba432de6f60f4fa68ed7d6a0dc5
986f669d1c720cb7da6f3ad0fb5bb8157f5f8e56d326cf1dfe28b2e926d0f389
98ce235596c3042bd01d1609085f467f2d3630b54912434289bdf50c329d8c52
9a3a58738834d6debdc3f257a5775601741fe7ea062eb48c8eb02ee0ad601f20
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d12d07d40ba2f3439d466eba90f27f46581293306f8be3acbb0909a89b4e85a
9de4631fb6802442e80c56133c419f2ce1d5979d17c33b421d5dec1d23468571
9eb9ed81998ce0973c185875c0b30b8bb4279f57cb64287508b1a0ab058afae5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1f7724ef64a25174ce00e12b55284e5fc652f58ef84a46bb6719d234fdb1e8e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a615744c7dfb237db4c0ce46629d5298aae24d33f26495051f38801d7f5bc355
a7b0e537ecabd3d1f81dc4c203a245b706c3cc3eed9089097c5c755a835786aa
a88612c30065167e44811cfd5d60805d6679a2cb4efbaf1c0b66d658195bd7ef
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aced13c5cde18af20f9f6d8691609ddd5c748c18e0437e5e887a960977f5c73d
b05c53bea43812b44e419f33dc164c279d0ee87cb23084d657202bca8017bec8
b0b6c2ef65f2486f7be1c3b49a50e88ed2602d29d1f9ecb03ddd4e198c8e5910
b0d7134c0e26c077d8c5b6a60a737e8a44bd139902d23cec1d43ea2537a9d369
b12390e1b07b48f7f39eae46cde591722b88a87e485e3c7865803dc9a41b7e4b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bc671699d3846825ef343ce07104f81335c549a5278d232bbfaa5eac8beaf9
b31b08f5197d4bce6f97586010b2699dd3574d0b5dcb9735aa4b31ebf7a39b77
b364aa5ec35c70520296a6172a1d7963535eeb7f6b246f41cf66af5d315f1215
b57c9aa30eb75613091d6753b26caa6b3a56e24b7326ec4512a2ba17678def7d
b7d079bf21e72c5449d5aa75a4916c4556a0fd2b02cadd2a93aa1d1529957722
bb3e1f3c644327568157cc6d5b75158841a4101887e0e22f9359dcd5f59ecaff
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc04e6a69cfcf1b12f47e1b34e7c4520e665a2bcb0d8b86d27c368bc7fd254c6
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc49d730beb32edf6e32c08ff69f00baee5c4b42a7aa9434736564c1b7402493
bd0cba1a894b8a9bebd1394cfa675116713f9045497993f05291cd6a0b501f63
bd1f0ba991b730edbc9e72f9a6f8a290ef8d852644c9629dc479c7eb18c1ea1b
bdf77c2e2ee4fce5ccc2a8b4105861708c75bda5ffe264b80ba86d5201aa2aed
c17cf0e01b410087dbe8dc19706c995f4d3b246e64e1db192138dd6fe826cc4b
c287ba7fe796611bb01f2fd3996698167128d05427019e7f97d48b961cba3b1f
c33d64587a75589b501bccbd5377d98eb3d03a2ab5ce837e6bbecd29c4a00f33
c49acbce18de283ee4d071ecb179378db91393dbf7ac081da6c321f866eed7b8
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
cc041c68a2177f55b4e9ce51c16fbd2c038effbaba704a9627e02e587d1bbc25
d048cc09d273d7e4780aac3932582a69db2ae9d2c33ca2595dff3d28544677b7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3491fe6c338d467ebefaa17e5b787b46c1a4edb9d19d40fbea28e7eeb47f92f
db14f5793d357dcf51166ba19a5b233cc9d9bbcc059f160e2f0069b23441dca1
db8b02e27648c8923b73cb3b9582718641e079897b7bfd4b32e74786e8565200
e3a576a4b8b83bc391d8bf0c32615034f810a324153bac6ada9818a92db23772
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d250710905b1e58c752cfcb0b3a1f35623fd5b86764fbf9e8b0b0392f2ca32
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e92728d3f84f8648d013fffa073f09ffd774aefb957c5bc08b98c9af97c28979
e97b1156d1db6c7109d8386cdce6cd9c6ecff3d22e632ca5cee00c271fbb9aca
e9eff4ad2995ee45f57645ea95d199c857ca5f9661a101b94a35f9ea7f2d55e6
eda8f2817f63788e1b2bdbd7515cc6a1ab84f81bcca67055bd9f515282db0e8a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7461c0051b325805c887adc6357a464dae3efad3720214b91799a501afb62c
f0bdf831bc0414f96ebd455a30c1ded4739f659071f0dbb60be94a3d4acd8f4e
f2091cf995fc533dc55280f08dd7145512f4362a849b749227d02d97643ae695
f8ce6f350e90bbf4799d659b4555945cf96010490800a128ef48bcd33ece1b8e
f97e249d0d02045935033d1bf463910f81ae1fe89a5ed9b61c1dd369f18f06ea
f989066757a82b34734e6ba6823770f5f1b0f3da11595bf1cb846a91c602ec07
f9c22b1c52421d79788e5590f0b33e9847080e119b367d23f7a3ab8fc793d986
fb0e8e164f8f994c3be7045bd8eb86334380d96b47561956b046592d145d755a
fc69368148e766881cecd7247479b601ea1dda8a017c960f3311e8fec7f63fd7
fe2182626d97612dfb6390dba18118a5f65a65d912fdbe4a9bc2e158f5c13dc3
feebe1fce6a2c5b44c30aca519403f048c63e4d0f021a472052065feccefc441

www.ensonhaber.com Open in urlscan Pro 89.187.169.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

297 Requests

92 %HTTPS

46 %IPv6

35 Domains

50 Subdomains

39 IPs

8 Countries

3785 kBTransfer

8584 kBSize

40 Cookies

22 Outgoing links

Page URL History

Redirected requests

297 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ensonhaber.com Open in urlscan Pro
89.187.169.43 Public Scan

Screenshot
Live screenshot

Full Image

297
Requests

92 %
HTTPS

46 %
IPv6

35
Domains

50
Subdomains

39
IPs

8
Countries

3785 kB
Transfer

8584 kB
Size

40
Cookies

297 HTTP transactions
10 data transactions