urlscan.io logo urlscan.io
SecurityTrails logo

www.ensonhaber.com Open in urlscan Pro
2606:4700:10::6816:3f4e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ensonhaber.com/
Effective URL: https://www.ensonhaber.com/
Submission: On September 10 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 10 countries across 57 domains to perform 462 HTTP transactions. The main IP is 2606:4700:10::6816:3f4e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ensonhaber.com. The Cisco Umbrella rank of the primary domain is 129698.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.
This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
18 141.94.202.176 16276 (OVH)
1 13.32.110.107 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 3.231.52.38 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
25 35.186.238.232 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
2 157.90.0.13 24940 (HETZNER-AS)
2 4 185.86.137.126 201081 (SMARTADSE...)
2 192.96.200.41 30633 (LEASEWEB-...)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
29 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 157.90.211.246 24940 (HETZNER-AS)
1 185.86.137.114 201081 (SMARTADSE...)
1 35.241.45.217 15169 (GOOGLE)
8 2a04:4e42:600... 54113 (FASTLY)
8 2a04:4e42:400... 54113 (FASTLY)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
2 3 52.213.71.221 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
10 36 142.250.186.162 15169 (GOOGLE)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
2 3 185.89.210.141 29990 (ASN-APPNEX)
19 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
1 34.102.243.38 15169 (GOOGLE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 18.157.110.72 16509 (AMAZON-02)
2 151.101.130.49 54113 (FASTLY)
2 3.33.220.150 16509 (AMAZON-02)
2 3 51.38.120.206 16276 (OVH)
1 185.86.139.104 201081 (SMARTADSE...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2 169.50.137.182 36351 (SOFTLAYER)
3 3 35.186.193.173 15169 (GOOGLE)
3 3 216.52.2.19 32475 (SINGLEHOP...)
3 3 3.126.56.137 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 178.250.2.135 44788 (ASN-CRITE...)
3 178.250.0.162 44788 (ASN-CRITE...)
4 34.98.64.218 15169 (GOOGLE)
4 104.111.242.245 16625 (AKAMAI-AS)
6 172.217.18.2 15169 (GOOGLE)
1 2 52.209.199.248 16509 (AMAZON-02)
1 213.202.235.9 24961 (MYLOC-AS ...)
1 2620:116:800d... 16509 (AMAZON-02)
3 3 37.157.2.234 198622 (ADFORM)
1 198.47.127.19 3257 (GTT-BACKB...)
2 2 69.173.144.139 26667 (RUBICONPR...)
2 2 76.223.111.18 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 35.186.253.211 15169 (GOOGLE)
2 2 54.77.13.34 16509 (AMAZON-02)
3 3 213.19.147.45 3356 (LEVEL3)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
5 205.185.216.10 20446 (STACKPATH...)
1 2a00:1450:400... ()
462 63
38    2606:4700:10::6816:3f4e (United States)

ASN13335 (CLOUDFLARENET, US)
ensonhaber.com
www.ensonhaber.com
icdn.ensonhaber.com
m.ensonhaber.com
1    2606:4700:10::ac43:28c4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.ensonhaber.com
8    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
18    141.94.202.176 (France)

ASN16276 (OVH, FR)
PTR: ns31491888.ip-141-94-202.eu
emea.hhkld.com
hhkld.com
viavideo.digital
ru.hhkld.com
rtb.viavideo.digital
1    13.32.110.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-107.vie50.r.cloudfront.net
cdn.heapanalytics.com
16    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
14    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    3.231.52.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-52-38.compute-1.amazonaws.com
heapanalytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
21    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pubads.g.doubleclick.net
6    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
7    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
28    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
25    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
25    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    157.90.0.13 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.0.90.157.clients.your-server.de
s.richaudience.com
4    185.86.137.126 (France)

ASN201081 (SMARTADSERVER, FR)
videoapi.smartadserver.com
2    192.96.200.41 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
5    2a02:26f0:3500:11::215:14da (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
monetize-static.viralize.tv
29    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
47    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    157.90.211.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.211.90.157.clients.your-server.de
sync.richaudience.com
1    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
8    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
8    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    52.213.71.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
4    2600:9000:223f:800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:26f0:ab00::b819:32c1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
36    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
19    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    18.157.110.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-110-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2a02:26f0:3500:c::5c7b:6805 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
servg.playstream.media
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
2    52.209.199.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-199-248.eu-west-1.compute.amazonaws.com
skydeutschland.demdex.net
1    213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
8    2600:1f18:1aca:4280:c8cd:8315:7b13:5ece (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    54.77.13.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-13-34.eu-west-1.compute.amazonaws.com
match.360yield.com
3    213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    2a05:d018:d29:3602:7ccc:efc7:12f7:54b2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
di-j9ffzxea.leasewebultracdn.com
1    2a00:1450:4001:64::7 (None, )

ASN- ()
rr2---sn-4g5e6nsy.googlevideo.com
Apex Domain
Subdomains		 Transfer
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
stats.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
cm.g.doubleclick.net — Cisco Umbrella Rank: 303
pubads.g.doubleclick.net — Cisco Umbrella Rank: 368
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
359 KB
63 googlesyndication.com
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
284 KB
47 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
1012 KB
39 ensonhaber.com
ensonhaber.com — Cisco Umbrella Rank: 88057
www.ensonhaber.com — Cisco Umbrella Rank: 129698
icdn.ensonhaber.com — Cisco Umbrella Rank: 127888
m.ensonhaber.com — Cisco Umbrella Rank: 150162
1 MB
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
pix.eu.criteo.net — Cisco Umbrella Rank: 5551
csm.eu.criteo.net — Cisco Umbrella Rank: 5700
3 MB
30 viralize.tv
ads.viralize.tv — Cisco Umbrella Rank: 19275
monetize-static.viralize.tv — Cisco Umbrella Rank: 19244
949 KB
25 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 456
4 MB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 19
3 KB
15 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 867
static.adsafeprotected.com — Cisco Umbrella Rank: 791
fw.adsafeprotected.com — Cisco Umbrella Rank: 1021
dt.adsafeprotected.com — Cisco Umbrella Rank: 735
96 KB
11 viavideo.digital
viavideo.digital — Cisco Umbrella Rank: 57345
rtb.viavideo.digital
511 KB
8 polyfill.io
polyfill.io — Cisco Umbrella Rank: 2107
2 KB
8 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 9414
76 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
42 KB
7 hhkld.com
emea.hhkld.com — Cisco Umbrella Rank: 175642
hhkld.com — Cisco Umbrella Rank: 42912
ru.hhkld.com — Cisco Umbrella Rank: 70810
188 KB
6 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9447
ads.eu.criteo.com — Cisco Umbrella Rank: 5636
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 10082
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7382
97 KB
6 smartadserver.com
videoapi.smartadserver.com — Cisco Umbrella Rank: 13009
www8.smartadserver.com — Cisco Umbrella Rank: 6699
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1267
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
247 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3423
onesignal.com — Cisco Umbrella Rank: 947
img.onesignal.com — Cisco Umbrella Rank: 6452
101 KB
5 leasewebultracdn.com
di-j9ffzxea.leasewebultracdn.com — Cisco Umbrella Rank: 37955
928 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 708
rtb.openx.net — Cisco Umbrella Rank: 2282
896 B
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1510
688 B
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 419
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 772
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1268
r.turn.com — Cisco Umbrella Rank: 5065
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904
3 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 1015
2 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
33 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 872
2 KB
3 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50041
654 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1117
820 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 329
3 KB
3 richaudience.com
s.richaudience.com — Cisco Umbrella Rank: 23095
sync.richaudience.com — Cisco Umbrella Rank: 3036
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5202
www.google.de — Cisco Umbrella Rank: 3469
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 807
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 5953
783 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 652
955 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 494
919 B
2 demdex.net
skydeutschland.demdex.net — Cisco Umbrella Rank: 48019
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1468
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 486
529 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 949
260 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1307
2 KB
2 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 14194
814 B
2 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 25547
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 5886
heapanalytics.com — Cisco Umbrella Rank: 4951
43 KB
1 googlevideo.com
rr2---sn-4g5e6nsy.googlevideo.com
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5005
104 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1901
573 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 743
862 B
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 891
166 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1531
463 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11230
1 KB
1 playstream.media
servg.playstream.media — Cisco Umbrella Rank: 85280
415 B
1 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 2691
253 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 2650
4 KB
0 gstatic.com Failed
csi.gstatic.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
462 57
Domain Requested by
47 s0.2mdn.net imasdk.googleapis.com
www.ensonhaber.com
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
s0.2mdn.net
36 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
35 icdn.ensonhaber.com www.ensonhaber.com
icdn.ensonhaber.com
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
cdn.ravenjs.com
28 pagead2.googlesyndication.com www.ensonhaber.com
securepubads.g.doubleclick.net
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
25 imasdk.googleapis.com hhkld.com
imasdk.googleapis.com
monetize-static.viralize.tv
di-j9ffzxea.leasewebultracdn.com
25 ads.viralize.tv hhkld.com
monetize-static.viralize.tv
www.ensonhaber.com
di-j9ffzxea.leasewebultracdn.com
20 pubads.g.doubleclick.net imasdk.googleapis.com
19 static.criteo.net ads.eu.criteo.com
14 securepubads.g.doubleclick.net icdn.ensonhaber.com
www.googletagservices.com
securepubads.g.doubleclick.net
www.ensonhaber.com
12 pix.eu.criteo.net ads.eu.criteo.com
10 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
9 viavideo.digital hhkld.com
8 dt.adsafeprotected.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
8 polyfill.io monetize-static.viralize.tv
di-j9ffzxea.leasewebultracdn.com
8 cdn.ravenjs.com monetize-static.viralize.tv
di-j9ffzxea.leasewebultracdn.com
8 www.googletagmanager.com www.ensonhaber.com
7 www.google.com www.ensonhaber.com
tpc.googlesyndication.com
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.ensonhaber.com
6 googleads.g.doubleclick.net 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
www.ensonhaber.com
6 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.googletagservices.com icdn.ensonhaber.com
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
5 di-j9ffzxea.leasewebultracdn.com hhkld.com
di-j9ffzxea.leasewebultracdn.com
5 monetize-static.viralize.tv hhkld.com
monetize-static.viralize.tv
5 hhkld.com emea.hhkld.com
www.ensonhaber.com
hhkld.com
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 static.adsafeprotected.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
fw.adsafeprotected.com
4 videoapi.smartadserver.com 2 redirects
3 c1.adform.net 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
3 cdnjs.cloudflare.com ads.eu.criteo.com
s0.2mdn.net
3 ups.analytics.yahoo.com 3 redirects
3 ap.lijit.com 3 redirects
3 gcm.ctnsnet.com 3 redirects
3 onetag-sys.com 2 redirects 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 onesignal.com cdn.onesignal.com
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 eb2.3lift.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 fw.adsafeprotected.com 1 redirects www.ensonhaber.com
2 skydeutschland.demdex.net 1 redirects 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
2 um.simpli.fi 2 redirects
2 match.adsrvr.org 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 r.turn.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 creatives.sascdn.com hhkld.com
2 ads.eu.criteo.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
2 ads.aralego.com hhkld.com
2 s.richaudience.com hhkld.com
2 rtb.viavideo.digital hhkld.com
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.onesignal.com www.ensonhaber.com
cdn.onesignal.com
2 www.ensonhaber.com 1 redirects
1 rr2---sn-4g5e6nsy.googlevideo.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 dclk-match.dotomi.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 rtb.openx.net 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 image6.pubmatic.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 cms.quantserve.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 m.exactag.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 servg.playstream.media imasdk.googleapis.com
1 ssbsync.smartadserver.com 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
1 pandg.tapad.com pghub.io
1 rtb.fr.eu.criteo.com www.ensonhaber.com
1 pixel.adsafeprotected.com 1 redirects
1 rtb.nl.eu.criteo.com www.ensonhaber.com
1 pghub.io www.ensonhaber.com
1 www8.smartadserver.com www.ensonhaber.com
1 sync.richaudience.com www.ensonhaber.com
1 img.onesignal.com
1 www.google.de www.ensonhaber.com
1 ru.hhkld.com hhkld.com
1 stats.g.doubleclick.net www.google-analytics.com
1 m.ensonhaber.com icdn.ensonhaber.com
1 heapanalytics.com www.ensonhaber.com
1 cdn.heapanalytics.com www.ensonhaber.com
1 emea.hhkld.com www.ensonhaber.com
1 ensonhaber.com 1 redirects
0 csi.gstatic.com Failed imasdk.googleapis.com
0 google2waycm.netmng.com Failed 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
462 90
Subject Issuer Validity Valid
ensonhaber.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
hhkld.com
R3		 2022-08-26 -
2022-11-24		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2022-07-29 -
2023-08-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
viavideo.digital
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2021-11-10 -
2022-12-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
monetize-static.viralize.tv
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
wl.aniview.com
R3		 2022-08-15 -
2022-11-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.leasewebultracdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-08-30 -
2022-11-08		 2 months crt.sh

This page contains 53 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: 4DE640F24B5A52617FBDE770AC190099
Requests: 116 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E054865B6ED29FC4A1B230BE7B64DDE
Requests: 1 HTTP requests in this frame

Frame: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Frame ID: 1A781CAEF1D82B8E717E293566A718C8
Requests: 6 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C4EC52DD51F4F5E179AEE931224B4F5
Requests: 9 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9F4B8D0D7B5ACF3A1BF4191C6F756E79
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 4C5B7A1A88D96B443A49779391C1388F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 9D4BDA09C1DB03202434E0959D45C8BB
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: EC3F028235C7543DD52EB0392814692D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 37214F2FA25A4371AE06BAEFE3189EE2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: F2A11DAE3D1DEC75B226B40CCE2DBAC9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 21DAD0CD7D2FD82F08382E43C6C0C14F
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 52B02C0AE4F371FB9626686B1C6C0F5D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 405240059D5AF70C241412D9E3942EDB
Requests: 2 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAF35A9832491DD767E10A24778967A6
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: D5005D97FB140ECA0B7424E61E81E681
Requests: 9 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA71C913DE86BDBA38F71E5109051472
Requests: 26 HTTP requests in this frame

Frame: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9024BCB59580C7FEB8769FE9FAA75BAA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DB4479238B92D6DFFDC164B1AC54706
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4FF8B60413219D62AAA81F52D1A481CE
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Frame ID: 196C6E8535D9271E389C129E9FBE87DB
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8007C7BA485F80BD9D915F7D138E033F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Frame ID: 1E504512E16B6164E120DC0B5482B7E0
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Frame ID: A3864E2D9AC1E6E2DDBD44DE1652BE90
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECD76D0FB5CBDB912059514511A97993
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Frame ID: DAA39966547B4F159007032A1BF1D936
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Frame ID: A18C87490C58260B0CD607BE432A2CEC
Requests: 5 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.ensonhaber.com%2F&owner=P%26G&bp_id=showheroes&initiator=js
Frame ID: B4FDEACC8B5AE57C86020F3A6B5482D3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 4C1EEB65D29043BB326CD528874FCE5A
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Frame ID: 937B094BA7BA27F3F7D95ADD001D5F0A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 501B4740F2DA3887DD3CA4B463F496F4
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Frame ID: DCD5B7AFDF3257B35C190E95D0C67644
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9085EAEF2948C1579D1289B69C2E13D4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BB872ADB899CAFB3729B857DFB15027A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9F2ABE3F044A589AA612864BE9152D71
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
Frame ID: 898CD2365397492AB9466779E926D3C7
Requests: 16 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2F5E12A9AA1005912727840812E4805A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0232975DB5F14F56FBA1562EA9ECA92D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5656765DF345CAF8FC1ED142D7ADEC8C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: B0CD41258884257E4D6229558EDC36C0
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: FA2D2AF398E8F33EED652CED32D53F82
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: AC2A0B32061271FAE3B841980B90A099
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 6BD51056269D160410F709358C8EBBC4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 3E5DE6192491DC18C51C1BDDAF3B05F2
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 84C1E7ED1D712E374383440C7A3C2216
Requests: 2 HTTP requests in this frame

Frame: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Frame ID: D0B7F2324D943273BB639C2B9651948D
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 7AB1C2EB7CA356B4E400E0F6F0AF29E3
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: E61795F73CF317A64AD286A5803FFC17
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: FDE2CC1D636713783AA835C418BCBF37
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 02C409499EC8A73A0C88D132A43651AB
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 27AD02252D8FE2E6512C53101B40ACE4
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 07A26B5FA88C94B91F59240E97F2C8A2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: C6E0736347F3D4656305D2CF2E1CE511
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Frame ID: 4A6562407851C3743763032257C0CF09
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

En Son Haber: Son Dakika Haberler, Güncel HaberlerViads Video Advertising

Page URL History Show full URLs

  1. https://ensonhaber.com/ HTTP 301
    http://www.ensonhaber.com/ HTTP 301
    https://www.ensonhaber.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

462
Requests

90 %
HTTPS

45 %
IPv6

57
Domains

90
Subdomains

63
IPs

10
Countries

13881 kB
Transfer

31748 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ensonhaber.com/ HTTP 301
    http://www.ensonhaber.com/ HTTP 301
    https://www.ensonhaber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331 HTTP 302
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331&cklb=1
Request Chain 133
  • https://pixel.adsafeprotected.com/rfw/st/1083870/65517243/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=18151529235&bidurl=https://www.ensonhaber.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hSyVlBYa_xn8-iORSLXlTp HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
Request Chain 149
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxy9FvPC9zyPuxYf0hbRyQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDhoXCB9iKyFReDGmH4ZxX4&google_cver=1
Request Chain 151
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2OTMwNDI0NjgwNDkzNzU5Nw%3D%3D
Request Chain 183
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbQqebbGMqSkNdLMbVpYc0&google_cver=1&google_push=AehlK4AyQsd8lAx-jeerzqqEkx0SoBQJUJJdNklN3wT0bpm7YRH9lTSPIS431u4OeN5POpKeM00dOKblp-r3bbFn64ut-UiaIqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjAyMTIyNTAyMjc4MTY1MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
Request Chain 184
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47BsJtHBIz6gCc0q0KrZBkai9B4ohPpKNYPMUxlarUsGVg8_X1u60S1g HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47BsJtHBIz6gCc0q0KrZBkai9B4ohPpKNYPMUxlarUsGVg8_X1u60S1g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mmw5UWx6VncxT3gzdGM1&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47BsJtHBIz6gCc0q0KrZBkai9B4ohPpKNYPMUxlarUsGVg8_X1u60S1g
Request Chain 188
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDEd7pNtuJnwLFvy4N9mpzs&google_cver=1&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjohaN-U780F6va3pJ4E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjohaN-U780F6va3pJ4E
Request Chain 201
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM9r1F8psxFoDa7-rGzP9D8&google_cver=1&google_push=AehlK4AS37vRdqmGebmZMFp6tBhn8sIH_0Nh7kYAJQlWxh8Zhl6YYJcZtRJghGDbjADUILuDH9Jx7YVowyehHIAr7tbJtsENTCXv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjAyMTIyNTAyMjc4MTY1MQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
Request Chain 202
  • https://um.simpli.fi/gp_match?google_gid=CAESEN-smx_LOjmv6VXEo5x9Lbk&google_cver=1&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT30yX299wRC0iM6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT30yX299wRC0iM6
Request Chain 204
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHINRvcsQd7_72i66VjYlTs&google_cver=1&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8UFQhsGvMRRCLB79-A0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8UFQhsGvMRRCLB79-A0&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Request Chain 205
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJUGr81nVTK4ql1vEoEOKpU&google_cver=1&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJUGr81nVTK4ql1vEoEOKpU&google_cver=1&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
Request Chain 206
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBYZtMxYKSkPrEwI2ZdSAU&google_cver=1&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0zQ3wf24UCVQxbvtnlAGwLgfAKQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBYZtMxYKSkPrEwI2ZdSAU&google_cver=1&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0zQ3wf24UCVQxbvtnlAGwLgfAKQ&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0zQ3wf24UCVQxbvtnlAGwLgfAKQ
Request Chain 207
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9HEFjSqUXZG6m-aGrXnaQ&google_cver=1&google_push=AehlK4DO-8giIBbI1GtC0Y64RpuNg0ujGUvwAozRKzxb3_cBg_PRxv8EYCaLJhDjLTQm_Aq6amHljgDUTf2HlFS2mGT9cAtUXQVO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DO-8giIBbI1GtC0Y64RpuNg0ujGUvwAozRKzxb3_cBg_PRxv8EYCaLJhDjLTQm_Aq6amHljgDUTf2HlFS2mGT9cAtUXQVO HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
Request Chain 235
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdpr_consent= HTTP 302
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdpr_consent=
Request Chain 278
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJDkn9W2byT509ZpWd4MARE&google_cver=1&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVzZBj_LsbZiNZ7QSV3uDY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJDkn9W2byT509ZpWd4MARE&google_cver=1&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVzZBj_LsbZiNZ7QSV3uDY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM5ODg4ODcyMjM4NjY4NzgyMQ&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVzZBj_LsbZiNZ7QSV3uDY
Request Chain 280
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEASE1LWUJmYMVFakRMRZS6U&google_cver=1&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXWLDMikRBOQ0OWpSEZhFo7hq3E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMVVMtMU0tRzZXQQ==&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXWLDMikRBOQ0OWpSEZhFo7hq3E
Request Chain 281
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED4_Vne4ddrdBc-vY_894Zg&google_cver=1&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z&google_gid=CAESED4_Vne4ddrdBc-vY_894Zg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzczNjMyNjk0MjU5MTI0NDI1MA%3D%3D&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z
Request Chain 297
  • https://fw.adsafeprotected.com/rfw/st/1171896/65674243/skeleton.js?adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:4982103f-b987-8ad6-de54-181ba7357488,c:nPxotb,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-585d8b8594-w2fwg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:356,mot:0,app:0,maw:0,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:378,oid:be614f7e-3126-11ed-808a-ba209175d3a4,v:19.8.347,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 305
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPW8UfzB5oYVuVn5GPl4mt8&google_cver=1&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLwfVhLEZ7hPAh6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLwfVhLEZ7hPAh6
Request Chain 306
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOp1ZebMAbDq5jBR12PQtE&google_cver=1&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4BlIP8giCAjXpCHjYSe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4BlIP8giCAjXpCHjYSe&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Request Chain 308
  • https://match.360yield.com/match/ebda?google_gid=CAESEDu1BLdcsaTKUcXpIH8p8iU&google_cver=1&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0AqbHr1 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDu1BLdcsaTKUcXpIH8p8iU&google_cver=1&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0AqbHr1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ylz_AbsjRbWu2axY-s83VQ&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0AqbHr1
Request Chain 309
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEAqnHnPwXaJRLks2vUpVbC0&google_cver=1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1662827800038 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ef68398b-627c-42e2-a809-fc87a4c72628-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs%26google_hm%3DA-9oOYtifELiqAn8h6THJig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&google_hm=A-9oOYtifELiqAn8h6THJig
Request Chain 310
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELcp_D5xxPyAnKyov64J4AM&google_cver=1&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRWug8Od7CS-SJXmVAZmTN73Ue0GEBI_uBfFyg71zsoz99GA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRWug8Od7CS-SJXmVAZmTN73Ue0GEBI_uBfFyg71zsoz99GA
Request Chain 314
  • https://um.simpli.fi/gp_match?google_gid=CAESEDpji3umjWM4wMCdwESCrEA&google_cver=1&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKBtVFovFPPJy31NKw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKBtVFovFPPJy31NKw
Request Chain 315
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBBTzq-WmhF08VzqNAyNs7k&google_cver=1&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlRb1O8X786NK-AUQpIX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlRb1O8X786NK-AUQpIX&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Request Chain 316
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKatzPh4moD81GkSnb8AwqQ&google_cver=1&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-3HOH2pQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-3HOH2pQ&google_hm=NjY2Mjg5NTEzNjc5NDU1NDQwMA%3D%3D
Request Chain 317
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI4m-C9onOcHh89OcLoQSpQ&google_cver=1&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV0d7Na8jH-AZyoFNB5R2Ct3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYyMTY0MjMzODk3NDc0OTMwMA&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV0d7Na8jH-AZyoFNB5R2Ct3
Request Chain 318
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJIDPiiuRF9dRQd_z9bTFs&google_cver=1&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wrV0syrIKCO305dZvsroqcBUYKfxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMWU4tVy02TEgz&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wrV0syrIKCO305dZvsroqcBUYKfxw
Request Chain 319
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEODg_DdMYtR3Ecya-oR49ro&google_cver=1&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyHQ_Z2THZpyj8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyHQ_Z2THZpyj8&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
Request Chain 407
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889 HTTP 302
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889&cklb=1

462 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ensonhaber.com/
Redirect Chain
  • https://ensonhaber.com/
  • http://www.ensonhaber.com/
  • https://www.ensonhaber.com/
190 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3e29586689c6d50d230826f4c244830245230bc68bea24c96481ced47d8ccbe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7489955cad2e920d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 10 Sep 2022 16:36:36 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-server-count
cl02

Redirect headers

Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
7489955c0dbb6946-FRA
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 10 Sep 2022 16:36:35 GMT
Location
https://www.ensonhaber.com/
Pragma
no-cache
Server
cloudflare
Transfer-Encoding
chunked
X-SERVER-COUNT
cl02
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.min.css
icdn.ensonhaber.com/cdn/desktop/css/ 		138 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4521805
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Mon, 05 Apr 2021 12:53:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5184000
cf-ray
7489955d7e48920d-FRA
expires
Sun, 18 Sep 2022 08:33:02 GMT
jquery.js
icdn.ensonhaber.com/cdn/desktop/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4902
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Sat, 09 Apr 2022 08:26:02 GMT
server
cloudflare
etag
W/"6251431a-17756"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
7489955d7e4c920d-FRA
cf-bgj
minify
home.js
icdn.ensonhaber.com/cdn/desktop/js/ 		242 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/js/home.js?v=2.0.0.0.5.2.2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e05b4d98ed4231ac519df0a3e2f34f5cc4f3e5ddb3cb2ae01c69deb66d76497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2727
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 09 Apr 2022 08:26:02 GMT
server
cloudflare
etag
W/"6251431a-3c60b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
7489955d7e49920d-FRA
cf-bgj
minify
sf-r.woff2
icdn.ensonhaber.com/cdn/desktop/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/sf-r.woff2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
5537
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28560
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-6f90"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955dcd9c5c4a-FRA
h-m.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/h-m.otf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
5489
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90660
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-16224"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955dcda15c4a-FRA
esh-icon.ttf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/esh-icon.ttf?v=1.4
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
5407
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11912
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-2e88"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955dcda35c4a-FRA
h-sb.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/h-sb.otf
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d

Request headers

Referer
https://www.ensonhaber.com/
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
2119
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91284
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-16494"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955dcda65c4a-FRA
logo.png
icdn.ensonhaber.com/cdn/desktop/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/logo.png
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
228067
x-msg-hkn
/
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14744
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-3998"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955deeeb920d-FRA
expires
Thu, 20 Oct 2022 06:23:13 GMT
dsa_7543.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/07/27/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/07/27/dsa_7543.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a10dc00f84c57e2f6def71503359e3769ae822a9222bbfc0156f6f2b0e17b443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
22839
cf-polished
origSize=11017, status=webp_bigger
x-msg-hkn
/
content-length
10024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Wed, 27 Jul 2022 09:04:29 GMT
server
cloudflare
etag
"62e0ff9d-2b09"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 08 Nov 2022 16:55:36 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489955deeed920d-FRA
cf-bgj
imgq:100,h2pri
01-s.png
icdn.ensonhaber.com/cdn/mobil/assets/img/weather/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/mobil/assets/img/weather/01-s.png
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae4a5084dbca740adcb023de9cc40a4826e9e8a64e9a485364678cd5ba956bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
175116
cf-polished
origSize=4149
x-msg-hkn
/
content-length
3241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Sun, 15 Mar 2020 15:34:40 GMT
server
cloudflare
etag
"5e6e4b10-1035"
vary
Accept, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 06 Nov 2022 07:40:49 GMT
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955deeee920d-FRA
cf-bgj
imgq:100,h2pri
bosna-kasabi_6313.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/bosna-kasabi_6313.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5696fbd0500ad96a624c4d61c073726c220d30c9f63a86174074009ab3a4172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
240
cf-polished
origSize=118836, status=webp_bigger
x-msg-hkn
/
content-length
112148
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 16:32:24 GMT
server
cloudflare
etag
"631cbc18-1d034"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 16:32:25 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489955deef0920d-FRA
cf-bgj
imgq:100,h2pri
ph.png
icdn.ensonhaber.com/cdn/desktop/img/ 		85 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/ph.png
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda102fdc78e36a46af3c6223b91bf8e0e15ef7ef1debb7567f57fb3b39e97e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4983282
cf-polished
origSize=939
x-msg-hkn
/
content-length
85
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Thu, 09 Jul 2020 11:18:28 GMT
server
cloudflare
etag
"5f06fd04-3ab"
vary
Accept, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Fri, 19 Aug 2022 14:50:07 GMT
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955deef4920d-FRA
cf-bgj
imgq:100,h2pri
ivana-sert_2762.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ivana-sert_2762.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68db6d031b7ef4a7bc0236aeaf6ccdcfa5453fe4eeb2bdf89ea1ea925a6a9269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
904
cf-polished
origFmt=jpeg, origSize=164265
x-msg-hkn
/
content-length
91652
content-disposition
inline; filename="ivana-sert_2762.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 16:21:30 GMT
server
cloudflare
etag
"631cb98a-281a9"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 16:21:30 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489955deef5920d-FRA
cf-bgj
imgq:100,h2pri
cattop-placeholder.gif
icdn.ensonhaber.com/cdn/desktop/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/cattop-placeholder.gif
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1535702
cf-polished
status=not_needed
x-msg-hkn
/
content-length
3311
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-cef"
vary
Accept, Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
expires
Fri, 21 Oct 2022 09:23:35 GMT
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955deef7920d-FRA
cf-bgj
imgq:100,h2pri
IMG20220910065738.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/IMG20220910065738.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4620d3adadbf1f44a5247075351303eaff08bfacdd13934410e8805afd9a421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 30m
cf-cache-status
HIT
age
2225
cf-polished
origSize=9396, status=webp_bigger
x-msg-hkn
crop
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
hakan
227
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d27b940554121a0663343963781dbb6ffcdc0215"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 11 Sep 2022 15:59:30 GMT
cache-control
max-age=86400,public
content-length
9202
cf-ray
7489955deef8920d-FRA
x-msg-cdn
01
IMG20220910063817.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/IMG20220910063817.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91eef6a391bd49d97e103598d44ec3b92cfcd47cf5af39bd4f79929efbee5c98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 30m
cf-cache-status
HIT
age
3397
cf-polished
origSize=4621, status=webp_bigger
x-msg-hkn
crop
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
hakan
227
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"0160544f6cf818d6dfeb55453755f92ba7f5a2ae"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 11 Sep 2022 15:39:57 GMT
cache-control
max-age=86400,public
content-length
4356
cf-ray
7489955deefa920d-FRA
x-msg-cdn
01
terorist_7384.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/09/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/09/10/terorist_7384.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ff77c2e935db9607bea54351b80b18327a75134bb471172ae69019cf3c81cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 30m
cf-cache-status
HIT
age
3871
cf-polished
origSize=10104, status=webp_bigger
x-msg-hkn
crop
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
hakan
227
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"578675547da051cf705a08b07a1b2473db7ec91b"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 11 Sep 2022 15:32:05 GMT
cache-control
max-age=86400,public
content-length
9962
cf-ray
7489955e0f1e920d-FRA
x-msg-cdn
02
sehit-ramazan-uackci_1288.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/09/10/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/09/10/sehit-ramazan-uackci_1288.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49dab92f71063cc51cb04258af65534640d70373d2d06cdceb31606e95960d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 30m
cf-cache-status
HIT
age
3716
cf-polished
origSize=7496, status=webp_bigger
x-msg-hkn
crop
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
hakan
227
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d1c8f11449cec888dc6cfbf5af40d9d4acca93fb"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 11 Sep 2022 15:34:37 GMT
cache-control
max-age=86400,public
content-length
7292
cf-ray
7489955e0f1f920d-FRA
x-msg-cdn
01
IMG20220910062235.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/09/10/IMG20220910062235.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46803048ab080b79584eec72e6aa9b95762f1a52614011fcbd34f05adc97989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 30m
cf-cache-status
HIT
age
4338
cf-polished
origSize=10211, status=webp_bigger
x-msg-hkn
crop
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
hakan
227
accept-ranges
bytes
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"129f04bc9dbe83bc9081caa3c7e65c4314a87352"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 11 Sep 2022 15:24:18 GMT
cache-control
max-age=86400,public
content-length
10145
cf-ray
7489955e0f20920d-FRA
x-msg-cdn
02
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-955423-1
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9ff528cbddc89a8a5bbcc6594e5c0892d6b552506e2235a224eec15ec2097ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41946
x-xss-protection
0
last-modified
Sat, 10 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Sep 2022 16:36:36 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7489955e4dc7bbe9-FRA
date
Sat, 10 Sep 2022 16:36:36 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2321
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 16:36:36 GMT
cookieconsent.min.css
icdn.ensonhaber.com/Assets/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/Assets/cookieconsent.min.css?v=2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1705250
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Mon, 21 Sep 2020 14:19:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5184000
cf-ray
7489955deee9920d-FRA
expires
Thu, 20 Oct 2022 22:55:29 GMT
cookieconsent.min.js
icdn.ensonhaber.com/Assets/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/Assets/cookieconsent.min.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7489955e0f21920d-FRA
date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
last-modified
Mon, 21 Sep 2020 14:11:45 GMT
server
cloudflare
age
1053
etag
W/"5f68b4a1-226a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
load-104366.js
emea.hhkld.com/tag/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emea.hhkld.com/tag/load-104366.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
9c976c4a8c1655f63e6179a6d85c520ea2073b4d1249deb744ce74acd5eb2075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
heap-1607650922.js
cdn.heapanalytics.com/js/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1607650922.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-107.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
2adede7013921793ceb1a472f3d0b3f5457d645fb76c2299f3c9e1d74a1bfd43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:24 GMT
content-encoding
gzip
server
nginx
age
12
etag
W/"1b5ce-QDlkAu2nRQL5yEcQXAZLmQ"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
VIE50-C2
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6RAVf3aw5uPsztsxlTqqvNec2SaZ_ly17TciU5OSBlgBfk7JZk6vsA==
h-r.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		86 KB
86 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/h-r.otf
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0

Request headers

Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
1468
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87724
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-156ac"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955dee205c4a-FRA
01d.svg
icdn.ensonhaber.com/cdn/desktop/img/ 		849 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/01d.svg
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d5499abdc043e57bce8c682aa74e758baf9613423d238414a50526d6998678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7489955e0c799bdd-FRA
date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
age
5488
etag
W/"5ea5b1b7-351"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
h-l.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/h-l.otf
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093

Request headers

Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4916
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77436
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-12e7c"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955e0816994a-FRA
sprite.png
icdn.ensonhaber.com/cdn/desktop/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/sprite.png
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4481328
cf-polished
origFmt=png, origSize=3353
x-msg-hkn
/
content-length
2838
content-disposition
inline; filename="sprite.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
HIT
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-d19"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 12 Sep 2022 21:53:22 GMT
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955e2cb39bdd-FRA
cf-bgj
imgq:100,h2pri
jquery.js
icdn.ensonhaber.com/cdn/desktop/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
120
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 09 Apr 2022 08:26:02 GMT
server
cloudflare
etag
W/"6251431a-17756"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
7489955e3cdf9bdd-FRA
cf-bgj
minify
vignette.js
icdn.ensonhaber.com/cdn/interstitial/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.2.2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
3029
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Mon, 17 May 2021 18:42:21 GMT
server
cloudflare
etag
W/"60a2b90d-1732"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
7489955e3ce09bdd-FRA
cf-bgj
minify
telegramicon.png
icdn.ensonhaber.com/cdn/desktop/img/ 		198 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/cdn/desktop/img/telegramicon.png
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0850d695c89d961eace5283188c73a7517c54bcc151ae5f6d560654fa941e15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4605401
cf-polished
origFmt=png, origSize=445
x-msg-hkn
/
content-length
198
content-disposition
inline; filename="telegramicon.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Mon, 05 Apr 2021 12:48:11 GMT
server
cloudflare
etag
"606b070b-1bd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 10 Sep 2022 19:45:54 GMT
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
7489955e5d039bdd-FRA
cf-bgj
imgq:100,h2pri
h-b.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 		83 KB
84 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/fonts/h-b.otf
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8

Request headers

Referer
https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.2
Origin
https://www.ensonhaber.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
4900
x-msg-hkn
js
x-vtex-cache-status-nginx-thumbor
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85472
last-modified
Sun, 26 Apr 2020 16:07:19 GMT
server
cloudflare
etag
"5ea5b1b7-14de0"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7489955e58b6994a-FRA
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7489955f1830bb62-FRA
date
Sat, 10 Sep 2022 16:36:36 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2322
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 13 Sep 2022 16:36:36 GMT
coreupdate.js
icdn.ensonhaber.com/cdn/desktop/core/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icdn.ensonhaber.com/cdn/desktop/core/coreupdate.js?version=2.0.0.0.5.2.2
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f1bcd1e601687bdc5c2c84ac1616cff05cb81d0710fbd05b99431716a7060c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
6472
x-msg-hkn
js
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Thu, 24 Mar 2022 07:36:49 GMT
server
cloudflare
etag
W/"623c1f91-3d9f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
7489955f3e7b9bdd-FRA
cf-bgj
minify
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e116408bfa7d9083f65c2cf6ab6ee7047e47d19120c9100f79e43f07c22e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28686
x-xss-protection
0
server
sffe
etag
"1329 / 304 of 1000 / last-modified: 1662761244"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 16:36:36 GMT
220623_d44559ff.js
hhkld.com/rucdn/js/player/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Requested by
Host: emea.hhkld.com
URL: https://emea.hhkld.com/tag/load-104366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
34be2197bfd59c3ea211cac38bb35369af43a05cc5165dfa260b62eaae17203e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
last-modified
Tue, 06 Sep 2022 10:18:43 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
site
hhkld.com/logs/req/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hhkld.com/logs/req/site?sid=104366&uid=&event=playerLoaded&v=206231&cb=1662827803630
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-955423-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5676
date
Sat, 10 Sep 2022 15:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 10 Sep 2022 17:02:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=www.ensonhaber.com%2F&tdp=UA-955423-1&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.init_consent&eid=-1&tc=1&dl=www.ensonhaber.com%2F&tdp=UA-955423-1&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.init&eid=0&tc=1&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.js&eid=1&tc=1&tr=1rep&ti=1rep&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtag.config&eid=2&tc=1&epr=1UA&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39822582732ca429a2dc917f29b0af36e610864638235395b829779f815301f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28693
x-xss-protection
0
server
sffe
etag
"1329 / 528 of 1000 / last-modified: 1662761244"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 10 Sep 2022 16:36:36 GMT
qw_4700.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/08/31/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/08/31/qw_4700.jpg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f4c2abe4c49dfe9857ea69cca014ef831743b2146fdcbaef7afda4330dad00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
18677
cf-polished
origSize=19448, status=webp_bigger
x-msg-hkn
/
content-length
18139
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Wed, 31 Aug 2022 12:51:16 GMT
server
cloudflare
etag
"630f5944-4bf8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 11:05:25 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489955fefaf9bdd-FRA
cf-bgj
imgq:100,h2pri
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.dom&eid=3&tc=1&z=0
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1607650922&u=4594375498440158&v=2147255854627238&s=8434641818588339&b=web&tv=4.0&z=0&h=%2F&d=www.ensonhaber.com&t=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&ts=1662827803770&st=1662827803775
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.52.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-52-38.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
web
onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1adc36821f624d1d53c5d8f1fa7023687e1ddb9daf2067e490d3f103ba92c91f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
3147
cf-polished
origSize=4574
status
200 OK
x-envoy-upstream-service-time
30
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2606e02d-d422-427e-824b-75088793d032
x-runtime
0.028238
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"fdefde1fc7cfa48e8fd4598e75bd4c51"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
748995605a0bbbe9-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 10 Sep 2022 17:36:36 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=252389530&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&ul=en-us&de=UTF-8&dt=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=404444734&gjid=1441058437&cid=1148706156.1662827804&tid=UA-955423-1&_gid=126161592.1662827804&_r=1&gtm=2ou970&z=440330181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 14:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133157
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 10 Sep 2023 14:46:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		436 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ensonhaber.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77eb0cefb94e20ce8b1a4e184bc59c741fca09c3a5bba297d7dbcbd0a4ec2fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:36 GMT
hls2.js
hhkld.com/rucdn/js/player/ 		315 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/rucdn/js/player/hls2.js
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
205038d18f4d6fe8a088268c87982c3054b4672207f66b325c8cd413f9ef7500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 03:32:17 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
ui
m.ensonhaber.com/api/uye/ 		4 KB
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.ensonhaber.com/api/uye/ui?i=500
Requested by
Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1

Request headers

Accept
*/*
Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
748995610aef5c4a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-955423-1&cid=1148706156.1662827804&jid=404444734&gjid=1441058437&_gid=126161592.1662827804&_u=YEBAAUAAAAAAAC~&z=618583506
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ensonhaber.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Sep 2022 16:36:36 GMT
content-type
text/plain
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		582 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=3972641140867688&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_DETAY%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x250%7C728x90%7C970x250&ifi=1&adks=2454138541&sfv=1-0-38&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1662827803964&lmt=1662827803&dlt=1662827803313&idt=603&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2765406bd983cfe2a483f159ebaec3921d356b3a1e7d0ea6e592d3b3bb64866c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
321
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		424 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=3384070274476370&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2Coop&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=30618056&sfv=1-0-38&ists=1&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1662827803968&lmt=1662827803&dlt=1662827803313&idt=603&adxs=0&adys=8912&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=1600x8911&msz=0x0&fws=128&ohw=0&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81483d4e38915ad63f3721eb039085079707afbd140c428a404318c3a994a72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
221
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E05 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
msync.js
hhkld.com/ru/tag/ 		0
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/ru/tag/msync.js?sid=104366&gdpr=0&consent=
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		494 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
19_ENG.m3u8
viavideo.digital/vi/ 		566 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viavideo.digital/vi/19_ENG.m3u8
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/hls2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
last-modified
Sun, 26 Jun 2022 07:47:47 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
566
expires
Thu, 31 Dec 2037 23:55:55 GMT
sync.php
ru.hhkld.com/tag/ 		13 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ru.hhkld.com/tag/sync.php
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
17b252ac599bfe4dc972daf3720a9354e1ccceb97865ae8ad04a4ce47186999b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
report.svg
hhkld.com/rucdn/static/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hhkld.com/rucdn/static/report.svg
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
last-modified
Wed, 22 Jun 2022 05:10:01 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
3025
expires
Thu, 31 Dec 2037 23:55:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-955423-1&cid=1148706156.1662827804&jid=404444734&_u=YEBAAUAAAAAAAC~&z=737409461
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-955423-1&cid=1148706156.1662827804&jid=404444734&_u=YEBAAUAAAAAAAC~&z=737409461
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		962 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=322171251827332&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=2447352499&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1662827804075&lmt=1662827804&dlt=1662827803313&idt=603&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
218da4ed05befd3bc59b7f5a39a4e226d6bda58879585580fe1fe5b5608bcc4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022090601.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022090601.js?cb=31069443
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b726ac394d33d31a016f5066c15d09309936fe869c04b1f50bc4ccff69aa595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 11:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13614
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 08:35:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Sep 2023 11:00:55 GMT
19_ENG0.ts
viavideo.digital/vi/ 		503 KB
504 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://viavideo.digital/vi/19_ENG0.ts
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/hls2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:36 GMT
last-modified
Sun, 26 Jun 2022 07:47:49 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp2t
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
515308
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=654173947858553&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Csidebar_top_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C336x280&ifi=4&adks=1238205346&sfv=1-0-38&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Dcd63d93a1e796185-2291a4121bce00b4%3AT%3D1662827796%3AS%3DALNI_MY5Noz82arMyKr_74dK7_F2pC2NKQ&abxe=1&dt=1662827804169&lmt=1662827804&dlt=1662827803313&idt=603&adxs=1072&adys=1308&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=336x0&msz=336x0&fws=512&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46cd95e4b2415a7389d4c412c709b2ef52f3fcab03e26f7194461f05f46401c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11785
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=1426420419404747&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_right_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&ifi=5&adks=4141907819&sfv=1-0-38&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Dcd63d93a1e796185-2291a4121bce00b4%3AT%3D1662827796%3AS%3DALNI_MY5Noz82arMyKr_74dK7_F2pC2NKQ&abxe=1&dt=1662827804174&lmt=1662827804&dlt=1662827803313&idt=603&adxs=1404&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
139bfcdb6cff975c37824be3c4f3b8bfbd6998e51d71f545e9b0a3f121243a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9588
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=1973381689733871&vrg=2022090601&nw_id=9170022&nslots=9&eid=31069183%2C31069332%2C31069443%2C31062930&pub_url=https%3A%2F%2Fwww.ensonhaber.com%2F&sig=1&req=0&req_cnt=9&dm=8
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=2263962494180547&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&ifi=6&adks=3458405746&sfv=1-0-38&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Dcd63d93a1e796185-2291a4121bce00b4%3AT%3D1662827796%3AS%3DALNI_MY5Noz82arMyKr_74dK7_F2pC2NKQ&abxe=1&dt=1662827804178&lmt=1662827804&dlt=1662827803313&idt=603&adxs=436&adys=165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16d34c1f8667bc3e63543a23327a6efa8b2ea05cd2428b91c591bd74d38bfc9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9566
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=1410002683185762&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&ifi=7&adks=2998589456&sfv=1-0-38&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Dcd63d93a1e796185-2291a4121bce00b4%3AT%3D1662827796%3AS%3DALNI_MY5Noz82arMyKr_74dK7_F2pC2NKQ&abxe=1&dt=1662827804186&lmt=1662827804&dlt=1662827803313&idt=603&adxs=436&adys=1217&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=0&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ce858627aaf09d4ab2c80c682a5e1fdcf792b629c2548875773d6ad2bdb7b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11584
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973381689733871&correlator=3256120474158742&eid=31069183%2C31069332%2C31069443%2C31062930&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_left_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&ifi=8&adks=3900402713&sfv=1-0-38&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie=ID%3Dcd63d93a1e796185-2291a4121bce00b4%3AT%3D1662827796%3AS%3DALNI_MY5Noz82arMyKr_74dK7_F2pC2NKQ&abxe=1&dt=1662827804192&lmt=1662827804&dlt=1662827803313&idt=603&adxs=56&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1148706156.1662827804&ga_sid=1662827804&ga_hid=252389530&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b5df1f72502ed39fea4846668301152a7f02d3daa510e46c4a866ebe1ab912e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10308
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
viavideo.digital/rux/abcdef/104366/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://viavideo.digital/rux/abcdef/104366/?pub_sid=104366&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=1&cb=1662827804218&page_url=https%3A%2F%2Fwww.ensonhaber.com%2F
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
eb0b22e9113c02783652aafca27cd1a48262b16fb8accaf4e9ea3921aae1c260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
748995630ef6bb62-FRA
date
Sat, 10 Sep 2022 16:36:36 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1147
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 10 Oct 2022 16:36:36 GMT
icon
onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 		192 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
7
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
89c4460b-ca1d-4e5d-8dd8-fbd3ef56f15f
x-runtime
0.006148
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"dbc49bc6ae6902c8dd6950a3fc42196d"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cf-ray
748995637ed49b98-FRA
access-control-allow-headers
SDK-Version
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f151bf16b7997aeede2785c0429d85e72d3f21dce3df31de83877ab523a2a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11090
x-xss-protection
0
/
ads.viralize.tv/vast/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https://www.ensonhaber.com/&cbb=1662827804328
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
14339ae457bdde5862b1febbe9a4dc64148ddc7a6b7aaffd806616401ad89b52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:37 GMT
cs
rtb.viavideo.digital/vast/ 		71 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.viavideo.digital/vast/cs?zone=104366&w=432&h=243&vp=4&site=https://www.ensonhaber.com/&cbb=1662827804330
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
nginx
age
0
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
/
s.richaudience.com/vid/YSo497V15z/4282023/ 		160 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/YSo497V15z/4282023/?consentString=&cbb=1662827804330
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-max-age
86400
access-control-allow-credentials
true
ac
videoapi.smartadserver.com/
Redirect Chain
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331&...
129 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.126 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
access-control-allow-origin
https://www.ensonhaber.com
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=4282023&cbb=1662827804331&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ad_request
ads.aralego.com/ 		0
526 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ensonhaber.com&ver=UCX_WEB-20200113&adid=ad-BE78D938BADA6494F79A93AAB87BB7B7&atype=2&u=https://www.ensonhaber.com/&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1662827804332
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 16:36:38 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://www.ensonhaber.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
dsp
viavideo.digital/logs/event/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=104366&tids=7639%2C15991%2C8169%2C15920%2C7615%2C8195%2C17552%2C7641%2C15833%2C15916%2C15832%2C15965%2C7643&v=206231&cb=1662827804326
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
img.onesignal.com/permanent/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
335
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18279
x-amz-id-2
LFVCLCNb7RoijjOFLf1RtsSd2uanDGAE+LIF2r/PvvdSKUAoxHJ/ZOjz5d9ZprI7r1EjUMWRjyQ=
last-modified
Tue, 31 Mar 2020 16:09:33 GMT
server
cloudflare
etag
"0088cf87fd11f035d81a2c095cc58322"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
NYRBP6XCGZCA8VAN
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
74899563e8c3bbe9-FRA
expires
Tue, 11 Oct 2022 16:36:37 GMT
viralize_vpaid.min.51b110b6.js
monetize-static.viralize.tv/ Frame 1A78 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14da Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
19c86d5ed205456df7cd9d104b3ef8133f013bd4b4b172b765e55019dd8171c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvjxeKOCpbgVJ4RFsDlEnyNwIXJ06QUe9mTjb9Q8GkGAsiF3xf6Pu5ADI4RerWaErnyhQtuwUDXXgWl3J76T1N6Rw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18723
last-modified
Thu, 01 Sep 2022 07:39:45 GMT
server
UploadServer
etag
"51b110b69356ad4e6c4e45d3775e97c3"
vary
Accept-Encoding
x-goog-hash
crc32c=lTJmSA==, md5=UbEQtpNWrU5sTkXTd16Xww==
x-goog-generation
1662017985945136
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
61714
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 Oct 2022 16:36:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:37 GMT
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C4E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F4B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 4C5B 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:37 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 9D4B 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame EC3F 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 3721 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame F2A1 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 21DA 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 52B0 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 4052 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAF3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ab02c3ab-5d22-4e3e-a9db-ef803ca15465
https://www.ensonhaber.com/ 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ensonhaber.com/ab02c3ab-5d22-4e3e-a9db-ef803ca15465
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
81578
Content-Type
text/javascript
/
sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/ 		2 KB
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/b3adde1f4bbb31c3485562d6e3ddceb4/js/?r=43943651644
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.246.211.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
ac
www8.smartadserver.com/ 		208 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=3334693478&out=js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:36 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
5733718
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 15:58:00 GMT
content-encoding
gzip
age
2317
x-guploader-uploadid
ADPycdsZauSolzHpPAHCSQXaU07h8zl7RejnO0AxC5vIl9DdOUwY5vlm458M0x_6MtveX3yx_wKKfdJ8fNqBCuyoBiyBAxXLEowS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-generation
1649178504809914
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-meta-last-modified
2022-07-11T15:04:42.732Z
x-goog-stored-content-length
3690
accept-ranges
bytes
content-type
application/javascript
x-goog-meta-cache-control
public, max-age=230400
/
ads.viralize.tv/player/ Frame 1A78 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827804328&sid=01ed3126bd36674616d2284d224ed5a1&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9176%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
c3cf8ced1121315171e299fc939557f99c4139dbd0edd81605011d534ed2358f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame D500 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62933
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame D500 		101 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=44
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D500 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:37 GMT
viralize_player.min.163a9944.js
monetize-static.viralize.tv/ Frame D500 		778 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.163a9944.js?e=ops
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14da Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduX5QyiE2vL0fnXqiUP3LFK0Mln37aVkJtjCiBqPBK70V6H5_JedT62xsx9NMDEeJ2EGEJ941DX_b0hLwizQ5OmXQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
232526
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
server
UploadServer
etag
"163a99440701696948190b6a64e8d926"
vary
Accept-Encoding
x-goog-hash
crc32c=VwQX7w==, md5=FjqZRAcBaWlIGQtqZOjZJg==
x-goog-generation
1662113891233348
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
796325
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 Oct 2022 16:36:37 GMT
/
ads.viralize.tv/track/ Frame 1A78 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ed3126bd36674616d2284d224ed5a1:0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-955423-1&cv=1&v=3&t=t&pid=1050126633&rv=970&es=1&e=gtm.load&eid=4&u=C&tc=1&epr=2UA&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA71 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9024 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js?cb=31069443
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:36 GMT
expires
Sun, 10 Sep 2023 16:36:36 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 14:44:55 GMT
expires
Sun, 10 Sep 2023 14:44:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4FF8 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
64881f6fa2cc19b0fa18ddcce5015f761ec8052be5b12fc0b86755701f0e474b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wtk5JOrB1TuM35IrZucsAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-wtk5JOrB1TuM35IrZucsAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:37 GMT
expires
Sat, 10 Sep 2022 16:36:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CozHdFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmAJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bC0EpslixeGCClMDAn0CDuD5hzn-YxuOkGleniVjwf9xtanXM71D94AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg2MDE1ODU1MDU3MDE5NDcYvpcO&sigh=WLJ7wc7PADw&uach_m=[UACH]&cid=CAQSPACsnQUx8FAZ7Oz5e4xVZomPuHW_DMPBPmlaIqLdLk9JsMOX-O_RKy0sE7NuX9FgTi1lEKP3jaWGp7ZZ4BgB
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2C4E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kv79Eo-lBKwC2ASdg2ICAgAAAMV6dYLphnbMWt897hAUvRxjbO-g4H9iowPEmy8AEgAA&wp=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
server
Kestrel
server-processing-duration-in-ticks
205254
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 196C 		147 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
21c37288ae94b96682ed1d36061e11f75d971c49602ef1f4bbc9c85ebb1d787e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dPWo9DFJN_5Rv0Q37sOgP4k3SEBcuJXFigtCNUUjxLHi62Uc1caFZhVhBmlApyFGMzLygHv2aa6slFSxknECyL2ACN5c70-LZp5K2-ELgh0FdJ-EhlkjtXsZZC6YEAdJqfEvJ54N9GuceBMwNJIBmaPEAOgQ2qowY0gNgqVGmKkH5Xpvgm3oehlVMgUZ5GeaQ1PgJNgiZqB6SxO45dKSmz4TzhoY9fc0H_xsgTwEFtGLFXCW3kWBLuqyoZ7gbZFwPEznhw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
84997224
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2C4E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:03:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8007 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C4E 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 2C4E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:19:13 GMT
l
www.google.com/ads/measurement/ Frame 2C4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWPCRiRx1exqSzpslEML2WNeBMfDeex9GhWoZqzs73yuFcj7n5BfZl8HTovytirLDycdttbcjB7m9X-7IuPeanXgYPPA
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2C4E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 09:18:57 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1E50 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9F4B 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDqC4f68YKZaMK3BN8mcvaXj2K-rQ7qnACNSGm0k53HA30Lwy8wDXX5rirTjrpOupsaAjp5288orbWyvPXJGsEHOOEChSvhrCHi3lCB_mqXe4Hy0WCRHU2KlT3urrq0vETZdxsoub9DK6aDLSlAJPwDliygg&dbm_d=AKAmf-ChkTRgWPwbcbpFsx-DmkhDl-fPxa6bXs3gqBmVDbx5oaCisI1O3aK-zT20D-ShuyMXpjvqZYx5eFqNnjCUjqFqlVQTev3pr3tGf0BswYKIqPh5hivtYWCHeRVex2YXqeVQFDBjg5w3xDxn9NXYt0ZLCoo34DepvRZ3W0tF-xMqeuNcL1VZgYei0NeaQX1TIFGmbQSBKZfgBTf9tcCVrhS0oVw0EE7TKqSqftW6QD-cGQwK5lKEqo6iFP4e8S_S8_nCNZkuryBUkVKRZI1ph4qNc6DxpmlQmL_7FpXPyJQAEJqYG6USwSAKyTtCknCtevZp-w0Hb3BgI3xbuQlFUvFLMO7MDXuP2bWVzPmkHUJ9cSNs_jUNPWDnUogUgPDz10XLI-2UugnMlbwVf2Ndd94j2qFJSwWB7P2qyl84xB5g2ZlCnyaTM69Vkw_jV3EYgO6o5YHXrHteKl65ggSYKzYTR0f8d4eNJXtne7DFFpUCBNRfEOJMCBbdiloP4HwgZKptQ1-8oOKUZmjygFSCIQ1jZssb-smmrSODGaPM1BofsgKfnJlQ9sh3OmSNelSjZJt_hagv4xGq4p98Oik2Ptj7nj1OKJo-3qwDMbJ4N4MqPxddiHoOQL0W1bAYy4SsdAMqkM05LrI-hpqfTuf5HUzG28YL0suJuKxY6Y8QdpDRNBHi2tddb_F-Kdq-EwIqPbdk2T4DWPCKqll4NHi1uKw_B75uQ7yL2UprJ1aqJf9k_D3dIkUOQ6Ht9J_JktcVIXJSaG7KrEmBQdKjyXtoMbqfSvgVkBXKikK1vUh07jQMn7AZPcEHU_-TJQHJlMovmzJfD6djc3lyz76wKxOmZJyk3BiwN9YucNNUBuN3XtLpBQLrYP3jwzZwj_QGHf_neUFO5Q7C_7N-49Ani0tw_bCJHadZYcxFlRFAeH32Q-okRO4lWJeEnLek21z69ITfcdZX2vn1-Wsq6SuXRNwE1ageGs4bycebONOaw9lnYoNHJO_HDlGDn41xmu78Ns2KbDixJXHdj4z8VTXpt7rh48VIfkvS3LWLOxLNUP-DKqHAUkKZSDvL2G8p6ZLEoPbCzywyj4-mvI51o7fvP4h9zkj1AMlMDCWXGsWaTJCyU6BrDmfdK80I446cOpTvzRmcJUYJTs752CzE8DXiI_cnaR5048th-vbBaSztwM3FdKxzTSTRDZ1iuEeP74tlDTfJimbS0-L63yg9P8C_JUUQgYzQcAfP9GNshCxK56kJ5JszAKiA0bVLCAhSa_h_y4vJJM8yghgnsHJ6LZVmUnb3JfjVDPGbmIm2sqhaDUW1r4C5U3piF5mKdiFVwc5y8801k0KlHnX3Xh7aW07Tb1j-w8fQ6Kika5waRBcPGgCU0JUhmxWF2xtA08-2nF2dqxPETYgOk7dYKdzwjN3lAw_j8FQSgzw7IfZCn41oOVY5EoV91_CxuHZhc1nkAq0kyTMS9UD5eZjOiSo-_WiOheXAvir-y23QqNTOA-A9d624G207zxc8h1N04_gDdzaVdccYb0oINOqb83okHNbFuoLCQD9G7nNDZ8DGmxp9y53czufNiLXSqOY_MXY4gpzva1ML0jUtDle1Wy2KY5IgeEw1N4cdQ-H50VbL5sJ8DdKQ2HNzXy3JVgniN8X3jeKQVHgvZ_HPcSp2hzLJ6M2id8QvB-wEEzscCV6CZXkyH5pik4ishlw2lo-IhvIxJaSse4Dvlf9ZZkrAtw7oTrOM6ZssStCvebRLdfZgg8poXPouR9HlfNE7vLXKqHtQtLahbbdDWjmLIpppt3CtoNExG3EnC64_LNUAVMt2Ghc0GY-LkeOQKOaa3XIMj4llKX-hF3ix_jOuY6cYtfuL-VF_wuzAz5D9ua9ixAd_h_KnbBwvKaenMM8tvN6ot8RVLq5g4wSEYWglnW52f9S9Aaw5ntdvYgFIjzP5ccFTScozn2qXltM9fuwtYDCDT0U63vE0ZYFYGxVNAK_icxINH2eY551RDDnY-CoISvMFsLo50Ljdi9F9b5pZuCJgrMeDUvL2EDAH5CWd40H8zCXO9Uv5VXNTSci5NToy9hxLiP4Gibvg2BA1L5P-Wug8I-9kroTVqtdeEJrcCNl5iITkuYrb-xp75lgcADdY8vzQ2ykjuFIjFaJ-m-A0tLk3I1mfMYBdw0RNzIjKJvEQ9orTRkhEBJ32eFV4RH7CJpgdDRWMYafQzb5I58GHlhxx9sd0QpPCm6CSl4pa8mQ82Pogyxymhosj6x6mMtB1gVkMMAp0FDzCjckkUeEz2dKZnRaPe2gyYKu7VuVsa0nSYdcdci1edjydS0xIa_SXbo4XLMFKnwRsn2o5n6ahGS5XnQEbZQmutMsL7WDrSbyQtVTpvONxfc08-IHOmcKxy_LqY5YE63K2LImAuDa-QhecbIT5K8XwYPPKwOzJbQT04MTMCLeNBanPCbvjpKr5YIesz7Gq8DNe6VLlK56RWbBSUKbbitG9CyvKPmkRh1icW8taAFKmspaTD_-f4VhISt07CIJAL6hA65VQQNAHQtYgF6Fl27ibFXIkrCUsvpbUcj2pJaMg6dII2I1dIkYiQcEE6c2LgcPXEXoDw4E5eBaA9NNVoklCipUMVaWIJXICR0fE0RYBBbaYw6UyuXGDzIGr6hhlkma86W4wVkH7tWKFCURqekY_cM4PVV-x7g1RDW2Wfv4ILm2HEbV5zN2a_eZGl056UkffKeTrS5F6L_xQ_7hVoAoy7TUYkbrR3_kSFax02V3PP4CiDrmwoqn6JBtPwDPIHWI8SFF4M6BJn4cLHHnHnX4XB9CtnSRW3k9FFSPE0klcMic6f0AqyPLnw1khfOQqJJKYJqUEbRbY9krRKlIrLNxdfmPlA3vHm_pzwjiAODttub_L01FQ4u1ut4UpCsFXCplDzJ57oO1srgiZa74kYJTgRvcHBOLRKcMuLx-LjGk9haSQrzrXakfnu7ldu2ght-Rz96zA3FCstnXa_AP1Bpir2vOmeUkuP61X5iSpG03aGMUOJt3HhExaZrl47WsWu7EI_7IenXIlhwEa_cCT7wOpgdjFv7-R254ngXbkdGAmgPtnXNlkKaq0vRgnoZZAa9Coem-G_c7TTJn5_JlM6dBhW0SlvtH7kEVIHOojOBi7Q4CG2jKVGE2_cKnAtZ0t5ckxV-XfZ_FAyWGyX3UXj2qf00Y3cLY2ptkVyfRg8rWYmx4zCthIWYCW1zb4jl-5cOFT1UM1Q5PwJ8Z_ZehX0kNF6PRBJlLq_902JI9agwkR3afVtd0LxaATmuMbPum_di8FIaQIaJhuYE9zA3S8xEUVnqcLDTwBBCaXokwH0eT7mfEMGolxzdTNuM4K9WGEiGCPZZ7ctRXi66zbVEA1X6kM9Ql_eDe4amnQZP2bLdLdQ0yQShlP3TW5HX1Ca0MfPT10Dp797PV0c4s&cid=CAASJeRoRldwK-ZJi_9NYegDg56u9a9bZ6GTG6vAZ4slkyH4_KXgyCA&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4bab0374cb07437b112968d3c46ad3d8fb07de4b48419f70b069d19071d0c9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34808
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F4B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2LRY5jUdQSMhqU38-9PgMMMGIP6n8ZCL1cptwnVq4476WbY25_WZP8emZFG1QVeIcMJYD621iRzOFYYCpBuST7R7ssSLlAzSklJ6mcNY8yQ71etc
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 9F4B
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1083870/65517243/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-8601585505701947&ias_chanId=1&ias_placementId=181...
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
age
6659020
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
s0Waw3gSR7dyNY0F5H1bBaMgh0q0d_HgMMMLSys4l5k0v-yZ9g4mbQ==

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:37 GMT
x-server-name
app12.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control
no-cache
content-length
0
server
nginx
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9F4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1966
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:03:51 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9F4B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:19:13 GMT
l
www.google.com/ads/measurement/ Frame 9F4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT90DDstyfD5in47IM2jGHCP1JSEMzlR4hoxvYwIyMjHge2CJC17vZI8-_287vUSjNo0MDDlFGG2nd_Rhk4lT-v3QyhyA
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F4B 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:37 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EAF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca_iCFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEjwJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA-ZQFcn-eCyjSKach_lXeaZhSnsO2y5TV3UO5X3-2WNQh1FGNc4b4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg2MDE1ODU1MDU3MDE5NDcYvpcO&sigh=ZkEm2aeSY4g&uach_m=[UACH]&cid=CAQSPACsnQUxfdn7VrLnl5EG_eOggeJHVibaQZXq8tBaXany4rbZs7nJ9pQ3d3yS1il3B3yznWyN47DDNuDjahgB
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame EAF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_79Euv_CsoH-gGdg2ICAgAAAMV6dYLphnbMcNRne1rfPe4QFL0cY8JlRYyA2WXv7VNrABIAAA&wp=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:37 GMT
server
Kestrel
server-processing-duration-in-ticks
137378
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame A386 		149 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2511d74e61762babc44421f9556652351439f4d0bfae9484256b0abe7fd898de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:38 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6hbmSjFJN_5Rv0Q3IMc71hdLV3fyhca3FX8Lu3cWM5DdHovoViY8DlgyUa6HFgiZWXNdiMq1nNC-oDWlRJwiJvh5eHHNQRV5itFIqslcRh5ItiNyvqAYMuM5jtrfkn2DbhsXWh-bxbZLD8KQcfC5NnLcApSuQ6fnJrsY1Xx3TLURMn7Z_X9_OSKQSUz4skuEI4tmEYUmYtIBWNyvRfhjbbEjvp_DxPrHq33snHaLt0-m3BHkNgVCE7lh8UVFr_BSw-umFQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
77192366
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame EAF3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:03:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ECD7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame EAF3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:19:13 GMT
l
www.google.com/ads/measurement/ Frame EAF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTxid_G8EJ86BFXX-CIwrGkCc0IJ48hH6R-Iajd1_2tlpoPNrBnF37EOtJf0nTJF0JSZ0rSQL5nY6wk8W5BOouzrqgvQ
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EAF3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 09:18:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 08 Sep 2023 09:18:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAF3 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:38 GMT
shim.gif
creatives.sascdn.com/ 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Sat, 10 Sep 2022 16:36:38 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 10 Sep 2023 16:36:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
43 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7489956dda579c06-FRA
pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9bB%2BudtQFqau8y5GCWK6fPcKydvGJ7SLnJe%2F8uG3fECZwMYo2MqMQ4ryGBuKTFRdoZET%2FPhy8%2FJzocZWUYD7nFfZvhdGkxhvZEhO18yce6Ts9hvnjX24cfP%2BDRVA0y%2BZ%2FNslj4IBBm2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1E50
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxy9FvPC9zyPuxYf0hbRyQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
74899570a82f9c06-FRA
pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X64KGOlInOdOop6bwQrR4doqJuz8un9586wO11pQQ39imzhYRcpie0lsSrU5QpfR1G8RJaQUO9N52t5uvF1Itk73gNeIK2ceQatmigDTHkmsbzCd%2FCq%2FOcLV7FNgcI5cYb5PecgvNVng3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENsHHe3lCv_inxbjnJLVwOQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1E50
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDhoXCB9iKyFReDGmH4ZxX4&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhoXCB9iKyFReDGmH4ZxX4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Protocol
HTTP/1.1
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 16:36:38 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5bb23f67-08f1-4790-b64f-4bcba4e22f4b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDhoXCB9iKyFReDGmH4ZxX4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1E50
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2OTMwNDI0NjgwNDkzNzU5Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2OTMwNDI0NjgwNDkzNzU5Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLa0xtIBMAE&v=APEucNXUjjXTx1kOX_tl1-JiGvqDE3r_KzEZpS4OcXwNPAW0x8DUsJapLlJzbx8chQZ7G79_jN2DPJ91gZpYGNS1n_hYVol-IHbLX-NBn5uohuRDgcfIZ0kJ4FUNb2Osg6yvcnE7X3I2OsV_Zxybp6o-kuyzRcfnEpspOZJeV6Vrk7-zjSZXjyY
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 16:36:38 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5a3b68a3-5b93-4967-84e1-b8b1a0135586
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2OTMwNDI0NjgwNDkzNzU5Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9F4B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Origin
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 9F4B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDqC4f68YKZaMK3BN8mcvaXj2K-rQ7qnACNSGm0k53HA30Lwy8wDXX5rirTjrpOupsaAjp5288orbWyvPXJGsEHOOEChSvhrCHi3lCB_mqXe4Hy0WCRHU2KlT3urrq0vETZdxsoub9DK6aDLSlAJPwDliygg&dbm_d=AKAmf-ChkTRgWPwbcbpFsx-DmkhDl-fPxa6bXs3gqBmVDbx5oaCisI1O3aK-zT20D-ShuyMXpjvqZYx5eFqNnjCUjqFqlVQTev3pr3tGf0BswYKIqPh5hivtYWCHeRVex2YXqeVQFDBjg5w3xDxn9NXYt0ZLCoo34DepvRZ3W0tF-xMqeuNcL1VZgYei0NeaQX1TIFGmbQSBKZfgBTf9tcCVrhS0oVw0EE7TKqSqftW6QD-cGQwK5lKEqo6iFP4e8S_S8_nCNZkuryBUkVKRZI1ph4qNc6DxpmlQmL_7FpXPyJQAEJqYG6USwSAKyTtCknCtevZp-w0Hb3BgI3xbuQlFUvFLMO7MDXuP2bWVzPmkHUJ9cSNs_jUNPWDnUogUgPDz10XLI-2UugnMlbwVf2Ndd94j2qFJSwWB7P2qyl84xB5g2ZlCnyaTM69Vkw_jV3EYgO6o5YHXrHteKl65ggSYKzYTR0f8d4eNJXtne7DFFpUCBNRfEOJMCBbdiloP4HwgZKptQ1-8oOKUZmjygFSCIQ1jZssb-smmrSODGaPM1BofsgKfnJlQ9sh3OmSNelSjZJt_hagv4xGq4p98Oik2Ptj7nj1OKJo-3qwDMbJ4N4MqPxddiHoOQL0W1bAYy4SsdAMqkM05LrI-hpqfTuf5HUzG28YL0suJuKxY6Y8QdpDRNBHi2tddb_F-Kdq-EwIqPbdk2T4DWPCKqll4NHi1uKw_B75uQ7yL2UprJ1aqJf9k_D3dIkUOQ6Ht9J_JktcVIXJSaG7KrEmBQdKjyXtoMbqfSvgVkBXKikK1vUh07jQMn7AZPcEHU_-TJQHJlMovmzJfD6djc3lyz76wKxOmZJyk3BiwN9YucNNUBuN3XtLpBQLrYP3jwzZwj_QGHf_neUFO5Q7C_7N-49Ani0tw_bCJHadZYcxFlRFAeH32Q-okRO4lWJeEnLek21z69ITfcdZX2vn1-Wsq6SuXRNwE1ageGs4bycebONOaw9lnYoNHJO_HDlGDn41xmu78Ns2KbDixJXHdj4z8VTXpt7rh48VIfkvS3LWLOxLNUP-DKqHAUkKZSDvL2G8p6ZLEoPbCzywyj4-mvI51o7fvP4h9zkj1AMlMDCWXGsWaTJCyU6BrDmfdK80I446cOpTvzRmcJUYJTs752CzE8DXiI_cnaR5048th-vbBaSztwM3FdKxzTSTRDZ1iuEeP74tlDTfJimbS0-L63yg9P8C_JUUQgYzQcAfP9GNshCxK56kJ5JszAKiA0bVLCAhSa_h_y4vJJM8yghgnsHJ6LZVmUnb3JfjVDPGbmIm2sqhaDUW1r4C5U3piF5mKdiFVwc5y8801k0KlHnX3Xh7aW07Tb1j-w8fQ6Kika5waRBcPGgCU0JUhmxWF2xtA08-2nF2dqxPETYgOk7dYKdzwjN3lAw_j8FQSgzw7IfZCn41oOVY5EoV91_CxuHZhc1nkAq0kyTMS9UD5eZjOiSo-_WiOheXAvir-y23QqNTOA-A9d624G207zxc8h1N04_gDdzaVdccYb0oINOqb83okHNbFuoLCQD9G7nNDZ8DGmxp9y53czufNiLXSqOY_MXY4gpzva1ML0jUtDle1Wy2KY5IgeEw1N4cdQ-H50VbL5sJ8DdKQ2HNzXy3JVgniN8X3jeKQVHgvZ_HPcSp2hzLJ6M2id8QvB-wEEzscCV6CZXkyH5pik4ishlw2lo-IhvIxJaSse4Dvlf9ZZkrAtw7oTrOM6ZssStCvebRLdfZgg8poXPouR9HlfNE7vLXKqHtQtLahbbdDWjmLIpppt3CtoNExG3EnC64_LNUAVMt2Ghc0GY-LkeOQKOaa3XIMj4llKX-hF3ix_jOuY6cYtfuL-VF_wuzAz5D9ua9ixAd_h_KnbBwvKaenMM8tvN6ot8RVLq5g4wSEYWglnW52f9S9Aaw5ntdvYgFIjzP5ccFTScozn2qXltM9fuwtYDCDT0U63vE0ZYFYGxVNAK_icxINH2eY551RDDnY-CoISvMFsLo50Ljdi9F9b5pZuCJgrMeDUvL2EDAH5CWd40H8zCXO9Uv5VXNTSci5NToy9hxLiP4Gibvg2BA1L5P-Wug8I-9kroTVqtdeEJrcCNl5iITkuYrb-xp75lgcADdY8vzQ2ykjuFIjFaJ-m-A0tLk3I1mfMYBdw0RNzIjKJvEQ9orTRkhEBJ32eFV4RH7CJpgdDRWMYafQzb5I58GHlhxx9sd0QpPCm6CSl4pa8mQ82Pogyxymhosj6x6mMtB1gVkMMAp0FDzCjckkUeEz2dKZnRaPe2gyYKu7VuVsa0nSYdcdci1edjydS0xIa_SXbo4XLMFKnwRsn2o5n6ahGS5XnQEbZQmutMsL7WDrSbyQtVTpvONxfc08-IHOmcKxy_LqY5YE63K2LImAuDa-QhecbIT5K8XwYPPKwOzJbQT04MTMCLeNBanPCbvjpKr5YIesz7Gq8DNe6VLlK56RWbBSUKbbitG9CyvKPmkRh1icW8taAFKmspaTD_-f4VhISt07CIJAL6hA65VQQNAHQtYgF6Fl27ibFXIkrCUsvpbUcj2pJaMg6dII2I1dIkYiQcEE6c2LgcPXEXoDw4E5eBaA9NNVoklCipUMVaWIJXICR0fE0RYBBbaYw6UyuXGDzIGr6hhlkma86W4wVkH7tWKFCURqekY_cM4PVV-x7g1RDW2Wfv4ILm2HEbV5zN2a_eZGl056UkffKeTrS5F6L_xQ_7hVoAoy7TUYkbrR3_kSFax02V3PP4CiDrmwoqn6JBtPwDPIHWI8SFF4M6BJn4cLHHnHnX4XB9CtnSRW3k9FFSPE0klcMic6f0AqyPLnw1khfOQqJJKYJqUEbRbY9krRKlIrLNxdfmPlA3vHm_pzwjiAODttub_L01FQ4u1ut4UpCsFXCplDzJ57oO1srgiZa74kYJTgRvcHBOLRKcMuLx-LjGk9haSQrzrXakfnu7ldu2ght-Rz96zA3FCstnXa_AP1Bpir2vOmeUkuP61X5iSpG03aGMUOJt3HhExaZrl47WsWu7EI_7IenXIlhwEa_cCT7wOpgdjFv7-R254ngXbkdGAmgPtnXNlkKaq0vRgnoZZAa9Coem-G_c7TTJn5_JlM6dBhW0SlvtH7kEVIHOojOBi7Q4CG2jKVGE2_cKnAtZ0t5ckxV-XfZ_FAyWGyX3UXj2qf00Y3cLY2ptkVyfRg8rWYmx4zCthIWYCW1zb4jl-5cOFT1UM1Q5PwJ8Z_ZehX0kNF6PRBJlLq_902JI9agwkR3afVtd0LxaATmuMbPum_di8FIaQIaJhuYE9zA3S8xEUVnqcLDTwBBCaXokwH0eT7mfEMGolxzdTNuM4K9WGEiGCPZZ7ctRXi66zbVEA1X6kM9Ql_eDe4amnQZP2bLdLdQ0yQShlP3TW5HX1Ca0MfPT10Dp797PV0c4s&cid=CAASJeRoRldwK-ZJi_9NYegDg56u9a9bZ6GTG6vAZ4slkyH4_KXgyCA&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:29:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 9F4B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDqC4f68YKZaMK3BN8mcvaXj2K-rQ7qnACNSGm0k53HA30Lwy8wDXX5rirTjrpOupsaAjp5288orbWyvPXJGsEHOOEChSvhrCHi3lCB_mqXe4Hy0WCRHU2KlT3urrq0vETZdxsoub9DK6aDLSlAJPwDliygg&dbm_d=AKAmf-ChkTRgWPwbcbpFsx-DmkhDl-fPxa6bXs3gqBmVDbx5oaCisI1O3aK-zT20D-ShuyMXpjvqZYx5eFqNnjCUjqFqlVQTev3pr3tGf0BswYKIqPh5hivtYWCHeRVex2YXqeVQFDBjg5w3xDxn9NXYt0ZLCoo34DepvRZ3W0tF-xMqeuNcL1VZgYei0NeaQX1TIFGmbQSBKZfgBTf9tcCVrhS0oVw0EE7TKqSqftW6QD-cGQwK5lKEqo6iFP4e8S_S8_nCNZkuryBUkVKRZI1ph4qNc6DxpmlQmL_7FpXPyJQAEJqYG6USwSAKyTtCknCtevZp-w0Hb3BgI3xbuQlFUvFLMO7MDXuP2bWVzPmkHUJ9cSNs_jUNPWDnUogUgPDz10XLI-2UugnMlbwVf2Ndd94j2qFJSwWB7P2qyl84xB5g2ZlCnyaTM69Vkw_jV3EYgO6o5YHXrHteKl65ggSYKzYTR0f8d4eNJXtne7DFFpUCBNRfEOJMCBbdiloP4HwgZKptQ1-8oOKUZmjygFSCIQ1jZssb-smmrSODGaPM1BofsgKfnJlQ9sh3OmSNelSjZJt_hagv4xGq4p98Oik2Ptj7nj1OKJo-3qwDMbJ4N4MqPxddiHoOQL0W1bAYy4SsdAMqkM05LrI-hpqfTuf5HUzG28YL0suJuKxY6Y8QdpDRNBHi2tddb_F-Kdq-EwIqPbdk2T4DWPCKqll4NHi1uKw_B75uQ7yL2UprJ1aqJf9k_D3dIkUOQ6Ht9J_JktcVIXJSaG7KrEmBQdKjyXtoMbqfSvgVkBXKikK1vUh07jQMn7AZPcEHU_-TJQHJlMovmzJfD6djc3lyz76wKxOmZJyk3BiwN9YucNNUBuN3XtLpBQLrYP3jwzZwj_QGHf_neUFO5Q7C_7N-49Ani0tw_bCJHadZYcxFlRFAeH32Q-okRO4lWJeEnLek21z69ITfcdZX2vn1-Wsq6SuXRNwE1ageGs4bycebONOaw9lnYoNHJO_HDlGDn41xmu78Ns2KbDixJXHdj4z8VTXpt7rh48VIfkvS3LWLOxLNUP-DKqHAUkKZSDvL2G8p6ZLEoPbCzywyj4-mvI51o7fvP4h9zkj1AMlMDCWXGsWaTJCyU6BrDmfdK80I446cOpTvzRmcJUYJTs752CzE8DXiI_cnaR5048th-vbBaSztwM3FdKxzTSTRDZ1iuEeP74tlDTfJimbS0-L63yg9P8C_JUUQgYzQcAfP9GNshCxK56kJ5JszAKiA0bVLCAhSa_h_y4vJJM8yghgnsHJ6LZVmUnb3JfjVDPGbmIm2sqhaDUW1r4C5U3piF5mKdiFVwc5y8801k0KlHnX3Xh7aW07Tb1j-w8fQ6Kika5waRBcPGgCU0JUhmxWF2xtA08-2nF2dqxPETYgOk7dYKdzwjN3lAw_j8FQSgzw7IfZCn41oOVY5EoV91_CxuHZhc1nkAq0kyTMS9UD5eZjOiSo-_WiOheXAvir-y23QqNTOA-A9d624G207zxc8h1N04_gDdzaVdccYb0oINOqb83okHNbFuoLCQD9G7nNDZ8DGmxp9y53czufNiLXSqOY_MXY4gpzva1ML0jUtDle1Wy2KY5IgeEw1N4cdQ-H50VbL5sJ8DdKQ2HNzXy3JVgniN8X3jeKQVHgvZ_HPcSp2hzLJ6M2id8QvB-wEEzscCV6CZXkyH5pik4ishlw2lo-IhvIxJaSse4Dvlf9ZZkrAtw7oTrOM6ZssStCvebRLdfZgg8poXPouR9HlfNE7vLXKqHtQtLahbbdDWjmLIpppt3CtoNExG3EnC64_LNUAVMt2Ghc0GY-LkeOQKOaa3XIMj4llKX-hF3ix_jOuY6cYtfuL-VF_wuzAz5D9ua9ixAd_h_KnbBwvKaenMM8tvN6ot8RVLq5g4wSEYWglnW52f9S9Aaw5ntdvYgFIjzP5ccFTScozn2qXltM9fuwtYDCDT0U63vE0ZYFYGxVNAK_icxINH2eY551RDDnY-CoISvMFsLo50Ljdi9F9b5pZuCJgrMeDUvL2EDAH5CWd40H8zCXO9Uv5VXNTSci5NToy9hxLiP4Gibvg2BA1L5P-Wug8I-9kroTVqtdeEJrcCNl5iITkuYrb-xp75lgcADdY8vzQ2ykjuFIjFaJ-m-A0tLk3I1mfMYBdw0RNzIjKJvEQ9orTRkhEBJ32eFV4RH7CJpgdDRWMYafQzb5I58GHlhxx9sd0QpPCm6CSl4pa8mQ82Pogyxymhosj6x6mMtB1gVkMMAp0FDzCjckkUeEz2dKZnRaPe2gyYKu7VuVsa0nSYdcdci1edjydS0xIa_SXbo4XLMFKnwRsn2o5n6ahGS5XnQEbZQmutMsL7WDrSbyQtVTpvONxfc08-IHOmcKxy_LqY5YE63K2LImAuDa-QhecbIT5K8XwYPPKwOzJbQT04MTMCLeNBanPCbvjpKr5YIesz7Gq8DNe6VLlK56RWbBSUKbbitG9CyvKPmkRh1icW8taAFKmspaTD_-f4VhISt07CIJAL6hA65VQQNAHQtYgF6Fl27ibFXIkrCUsvpbUcj2pJaMg6dII2I1dIkYiQcEE6c2LgcPXEXoDw4E5eBaA9NNVoklCipUMVaWIJXICR0fE0RYBBbaYw6UyuXGDzIGr6hhlkma86W4wVkH7tWKFCURqekY_cM4PVV-x7g1RDW2Wfv4ILm2HEbV5zN2a_eZGl056UkffKeTrS5F6L_xQ_7hVoAoy7TUYkbrR3_kSFax02V3PP4CiDrmwoqn6JBtPwDPIHWI8SFF4M6BJn4cLHHnHnX4XB9CtnSRW3k9FFSPE0klcMic6f0AqyPLnw1khfOQqJJKYJqUEbRbY9krRKlIrLNxdfmPlA3vHm_pzwjiAODttub_L01FQ4u1ut4UpCsFXCplDzJ57oO1srgiZa74kYJTgRvcHBOLRKcMuLx-LjGk9haSQrzrXakfnu7ldu2ght-Rz96zA3FCstnXa_AP1Bpir2vOmeUkuP61X5iSpG03aGMUOJt3HhExaZrl47WsWu7EI_7IenXIlhwEa_cCT7wOpgdjFv7-R254ngXbkdGAmgPtnXNlkKaq0vRgnoZZAa9Coem-G_c7TTJn5_JlM6dBhW0SlvtH7kEVIHOojOBi7Q4CG2jKVGE2_cKnAtZ0t5ckxV-XfZ_FAyWGyX3UXj2qf00Y3cLY2ptkVyfRg8rWYmx4zCthIWYCW1zb4jl-5cOFT1UM1Q5PwJ8Z_ZehX0kNF6PRBJlLq_902JI9agwkR3afVtd0LxaATmuMbPum_di8FIaQIaJhuYE9zA3S8xEUVnqcLDTwBBCaXokwH0eT7mfEMGolxzdTNuM4K9WGEiGCPZZ7ctRXi66zbVEA1X6kM9Ql_eDe4amnQZP2bLdLdQ0yQShlP3TW5HX1Ca0MfPT10Dp797PV0c4s&cid=CAASJeRoRldwK-ZJi_9NYegDg56u9a9bZ6GTG6vAZ4slkyH4_KXgyCA&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:33:39 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 196C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 196C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 196C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 05 Sep 2023 16:36:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 196C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 05 Sep 2023 16:36:38 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 196C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Vibq3tz1ZI7H4G9UlhQIkphg1x-I0DmnLD_jcoVqAXcHHvA_lmQRtFGgQpi361DZtK2_ycL0kYJlX-VNMgMUWu20fR3Y39HuB-6A5nraVuml6giyeCojIm-j6H7RmMLyhlU6u339KMZCeyXzDWAbvI8oW1GsOpervRdq4ZojZPTg3XD488WR2NcXf4BfC8AI7Cd6BQle2GmGkhLrz6djdr7O9rAY__3hloKapPynC0nFIOV5Wx3zHDlwbboZGSBsA_aiemt1IRZQ2vHkxdTej7Y2tuW2MikFs7yIe3BJYGnyyEqoq0qXqYnqcB6q-rFUi3St5l9lS0yse0HGDxGGOFPJT37Gj5taneUkRBeilrO12B6ZhBqwTjX1L81_vC1ZglDugyfXYZmthG39TmEnbsD6oDLvZ-jM5WipWUbNmU-cFrqhkm_tuWvt7yTAJDaLHUJIXw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2708147
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DAA3 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CA71 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOfsewQuabb10G4U45HQNMcmNwAPdEdbX1tXDnQXx1qa3iX29RXoiNNo6NNR0bUxmVezNVgE0Q2SC7crjQ4zx2lQrEWw&cry=1&dbm_d=AKAmf-Dwvr52DkEKXwXVkBHTBJnkocfkLuA-7_HjW4tGyCusac3K-OfOQxRdxrLkdBRfAZ6q0Bn_ruAyeRvosP34dpkDQIfWe1K4aV6qxYvNReHB6qlgDPcZwQITM3n4JedUTD9oACnm2BfNhmmnXrRCBtvrDD5tRs9XSKqNQSIrVVe_eBfi5o-hwwZ5SOAHjm-nZgbwEt3hAiunLS9aiJJGPxVfZW8Oh6kXZdMmEhBEac7j2kAeipf8is3T-JnBeyZPauLn4SjUJ0uPN0fp3cKkpsM7J5ycj-6cOQ5IFdjwCmgbGyxsEyA9AVpwF3Xvfw2EbxKkA2ov7ay8EN_hClrzUuAaQcwaGnx6_LyM3PjTU3Bl4hqLSLYZYY7CADYZRK8TnRX1gXGhiOdhbtB2DE6T3WjQJTah0wsc44EUYfCYl4JOz2x_vOa6i4YdrD9HFj5rp-I_T9WnEjwlCJWCkoU2rsFQuIzoaUyijtx1MMYChfNpBJctY10EwshdoRMCV12KkZRxZ8lC4nJUQNsaDpx-8Y8X_O_furT5xrJc68tWPrn_au6vbjmx0RJkRAYoIxO4S_Llwrn29NBz_RUYUW_jJtV8Y-qobXcTah8SH90vX0GEWo8o8YLqmyyQ8kEhvixxhtcbG3_JqB14Xm6RKOPbLP-0ljZ9peCwvcY_lTE0Bk8s2Ji2qNA-IzHN48aIFvRdMUy52aW0oWqtDxnUnH-wyJVfkNELKOMMTKGIN2C04VXfX4q569Gov-wtCconOCETHHIOdlGsntE7HVAtOPBmGuqzWId1hgqK8tMQcYeVo9fPqI_GQr30MAGPW82yTqNrdt8gw1LA8qklu9FcRRBvlP6q-0KPT4hqzvTZoOrBY__Csw_mmshhtOSPLPHFlhWlYu7DlUN2bHAvsCX7YDxBEH1EafhwtFRIxvgExh1ynqCmYO1lYSqbU--UwRvbCFufg5dzH0tnSICsjvbwZHWg5YIPX4RgW4mjP-1Ak4mPdcv3NNToxkAKe42zqEJv5UFFxouNqvDHrIl3S3kucEfkoo2qcISK9kdfOa5TJj1LffoX8TO_KAnn2Cc1h-pPsqHnUeWTLhPs5ZGQolRh_I1yJgOmZB5RlLU-iUH1jNtWIKO18CRQ5RQ6qVyzl6bMo7Jzb1MkyyntxPFml2mFX5Z4DPw_6LgGxQdZ_7Nzeee2nC58ORhocSV9Rp6flqwshvOBNzieCxlQHeEEjkkVOZfZ8QPhplMa6GOC-z7-2V2po1GFWjCaZX-b_mEtR5vs_Jdm7tHCUeH-pKNNL3E7M1pBhuwjxqCAvOaoB8aN46F2Yya3lLWebC0wGRK1dYvbZP86m5xbddnrGO9Ifpfl4VLE1zpT0SW-yHU50DvQnECLSEWiAbKt0Jiy5H5Q-oUcQdatfqZMu6r4NW-BEnV8eozUs8OtEdx6SHIVgFTt3PI3u_Jw0Iiuas9Zcc7gmr0h5YIxRXF6XLbIKZo8FxgyK4bfi3v48DKXcFUR83f8k8Rpwg3rB0RZTB72Rd-lUd8D-9fUd5a3iPSX8RiX40oU-Xt8U0vZooR-nsfiA5-hLqtn0J4jLdjqmcN-t9i5i7lFwCEOzU2s6Zpn_rFl6rxUTIPkUFWdOT2n5Iz4GPaQjTf_xSA4VPyc4ukSJU6SaQbk7JN0MvAmH_0NQaYD72vJjbMEJFvu33jrO66j7Kt1kNlEsroORSnsFdIcm19T4VyKvBfsRMtudng-W8siEASU3zz1Yrw-Y7uS_039AyeI0Pe_-vsbj40vPCJFRHKcnoNCTfIQzQRVQrTmy6btpkVbxwpm87mxsympA7md35DyyQuAiLXHVdqPkOIT2lAzwjpAr2wuCns3D7uU7lhmQIx_04r6O1Qc0w5d7LYcOrAMPnixn8PeN2I7HzEXJDI4uhTsVEn_d4VkARwixog-oi5R04txjQI47OpQpYLLnLEULyZjBelos9KvSM0V1EPLr_2E8mkqPV2QUpw2cujlPYcJ4paURW7tysP1y3F3JLPTXTswr_Lqffl23kB2QpVSpsSJPT3dpJJz_W8NBMN2LnrQrxkpT2dbvpawhy5WAAsjklDnRvOav1fmXNAS5gkv3LRyZVgILy9H4XkA9lwbThB6eL--ZpdenIcvBhmvFV8GsAVC6kBJYb_CnYN7r7mMviStmgk1LStcBViuAcezqNrIa6KoPQvNDYmCcV2BbR6TowUwwZe93iTZwaXPZ4_sNNgC5VNEv104vHywPHSwfY3ZPivgWDns7K-Ombt6h41V9B5UWqRS0jkiaDCmN9CzkUPMCJmz3H2YWjvDpvpOZN7dW_BJGi8mIMftk4kDDALpoKM7_xu0HXhLCdOo-cSXuwBOOBZZ3itV2yLlP4p4pK_cLzGvAHwfQOq-QMp7PqhJXUSflXCQyLtZ4G5P6a_iYMW5x4XeMScCIA-Cg2GrM94HcoqUtR_fqMJk-N_F98C3BN8LChLtFbGwom54n4xSK1GJBkP9WpHsJq-Jpv2BrMCXyDSeE-9qN_NSg6iTNBEvsp-Z5QR4t2hh_y8REjTGO9oo18HE9FHko9AIPiZVkLRaDEWyoTo_COwhhPEBr6IoGy8DtwQDvRUyf7nOO6LefzM12jAy2Nr7JUPVn0btqd4RMHSvWnmDXFXdPf6_mT-xJc5-kf8sBAyiwAwALWGx71rMVmLsZu-GR2qFzIKvlLJd1KHhXL4LEc55MkDpW1TmOLYFY-ETxtHWSBtjrITdaE6kbs5gtfrWtGwfz1H2etOgKd4Sa0G_3OnNXhmOy20rV0zvtK8blb0ZROVAoM0J23w5iITWZEBTztruWT2hHwO7eccW9BN6mM0UGLaZpN4dvVqTblHOMXPiHkHVbgVVgKb5zka7S0cOE5p9Yql40mZK6_uBfmy8KoMYcbhBno5KS1gJXAHXHwYo_3ediMoS6VrHzvCzAyYop059Q4-vP2VoKdVCGBQs1Kn1gZ2VXE5ljLIFqhpZVWBve_obo-CU8hB6g79Eood3rwfqMQB-lrdCeWRjbK9FG4MBnxn3sSgzTRcGYxA6LYnXXDpC1X35dg6ouRodPjOhyT5EgPFLvTAy3adu-yjhYFDaOI64nesnAAHZOlfXTQK4aDFiM-lpeuStNVCk8Zuu0yQI-5-iBUO_M7CkRHhVlrQSPMH_5gEUkHOZMcI4vNnxxTLKnIfBRDEmBCeFrWPtntLakebPKnEB3kYC4af5XeR2bZm7G2swsP-iTutdFhLWE_aWuDIQUosOlqxqonwVx3byTuk-Guk0uB-Nhk3WsCfkUNeSFq4NflxKEj9hhHWgSIxfyqwh_kZQVxX_HE3WUfe1xFk_iTzc9wLGe-j2z1tN2Ey6Z94vlu1FezFWQvp0YCd3_ooqjYqtmdnKFA0LSsy0&cid=CAASJeRovvxqmAmto7ZHO5NIOb5ZSa4avjcqokT_T5UjxWmTn8q6lQU&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8635106e59e7f4f9dccc927457eec202885925198fcbad28061393dfd16922b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA71 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWr-z_SKnmM3NQOHd4MB7abaq8LSQQ3jfHmU82xmmfA0Bcyf1uPcb7ixocga7oakHmL6fHa0JFF3m7wZiYM-OTroFEiVU7hAss0MVTrjvhL5wzq5E
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame CA71 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:03:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA71 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame CA71 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:19:13 GMT
l
www.google.com/ads/measurement/ Frame CA71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQmV2jCvUWrqaIZeycVQ7EDqnGPmrsTZmv-7MbZzb3OdLOYb5LTi98WBvpQ14QCVXJpq_vzsZUfT-eIZ7FMywkGDqW_g
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame A18C 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 16:36:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9024 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CU33FqS7_fJBc41ArBRZMvinQjE9bdlcZ-ZpTHdHcehqoH2pVCKF9K25Cg264smqARrIzRPOD2haTAz6P0SM-W1iPASg&cry=1&dbm_d=AKAmf-AzdAmvxnyI3B2sp6OXcYn50TDcAMjV-htbcLmLn7DzN5XdlQNM86Ju0dLaffP5RXs_ehnk3gzeQYYoeccwSK9qL049BkeWpmiWFYFs5ZWnKTZeFGfnsxKl-chHOpGgJGr6PmpCe7jmgs761Wyv5tvLmaknT8sqhUMFeyilBrfVm8a0luFkV6LzrGUPtOBPQirUJi5AOhHT-9F93NFdfzbYZjgu2v5cQepjakj8giXhCJLjB5up93nqSwGkZeScYEIwWz64pTnFtGMIH_OUkemixmC1-dRDAOx6caKoqR59PQotzKC6xbz3d3k4IcHxUSktv1Bv6Nepr2EXEHPYTPAkc4MlULYIC1tP0AIEYGNC0poSzgZGAThSgc9i3dO0IVbnfYA0G-J0sXbYlKt_quiH8ReyvSA38jIFL7DCVSCrdrVIaentVAPL9nxTpORIYvPNI1DB2xFhFdIqmHVWTcJH6yPc3vS3Vt-rMbk0H6uLVcMPpuepa0-B5J-vobc1xiVYavKAHdSZuGrBHijxgoR9NzL-W0fK0UjWDvpJl986Bt1qf50gH13y4seTslpdGtLuvptgkIUqPw_qdymoJUsjmvQygsGvKLhjUgIn72_gifNJhq_05r_xy7YZjw5ueqxlPh5EZU4LAS1GhWpjoi8ZwT5fK4uUrSBX5YiLj1ZstSqfjzMx1ciSDwBs0mmRjQXuY5b_QcMF_jfAIyEoUvwPiEO4DMUmK-v998Ey8A60uBZcn7z0XuCvkmGWDKyucLR01Fz9jynlks3zjg5xnyVHQu0y-K_Q1Ny_KBkk8-J6vWPTAPG0BMTKRNcd9rLm2zNS8wsN6H8OPLSES4m9wNvFm8rlCX6ky1V4EsCZzG_wlRFRRFNc4pfjG_57sz9qg6LX8p7v5kSm5s-AevpWYw6-HlmC0dWRs9X38Y6ISGobqtU0YleKGAGHf8D0SABqHI_dL4o31tQtmocDrEOjlkzd_zHWt0SyM7Az3pWsabuvFNf_p5pikztVN9XohAAAaxXkf4nNRRjNfPFPAlcZaGGzzRGUXtaBXq9k3178zKfmaKcgjlx-aZYkofmyt4Z5iEdLe5XmXkhHm7zBCS4kQ2tkl4VltEzNlw6ug6hY2Po-KtpNaC8UuQpnbZSJeQIg7iA9ET4_QbSmj7vfLk5hlVRowkJQIguTPEktRW6xg-TZHXkVfxgwkV5GyIQ0q-GBfmopL7Tkz526tzvEi9vRugTxU5i1tBH3_I9zDYj-WtcYVW5OmweZB6-putN-SoGgEozVrr9kSE7t8JvcqiFqQ10uKi5JWIIrvBYO3rMoN1_nz0oqWBokGvUtS6agEKMsfxmV3BJr-7mpG7iXfdP26Qtk7-zQv_8WjHearRcd2jFBPfljzqpnYsFFPxWueXRt7x1KUKfJmlSQkFSkxF6Pcitv-gYpxw3V3YoMeLhqAdZ9zkU5_SFoEK8FFAyRJqV8VXi9wIY85mGjG2YCp7tqZgrbJvBHIfpS8hlza0MxoTmhAHSvbGrdUPy94bIhhQJcq1G2CGB_uqmgGYcdvv0dDIxHXQS_kwT4RRQIZ3-nCNeQdb4drC-hsRdKWGlXlhLu-DrFAEWGcTRN7-MKwX2dn6Tulzp7i_b27OEXeVJkKQQT9xOQB-_Dsz__XnnqpUaMgJ4II92n9dkAexrnaPjbqpkjm9Fc7ryZyk2X0yLQtbDriRtWGz0cmd4aZCJg-4Du0jGROGSyU6su9Fhw4c1fhPPwxtVKiO84aMYpTyVSw7avMwTVglL-xT359eeKZMOvSxl9iU5QqS4BFkbnu4Qcj8tfYa1r9T4ITTNgji0EpduzjJp7D3jSCyF0LHaahJFue_6-WYbrul3Ys9mLAyK8MQ0cpwX8y8xLga3IE5tALMsaOmt4BIr2jqbUdVsHTp512tiszR03GpbUSQKjgjkTAlUgwMUOQ5pxYEfsVZq8gsWaZsRatug2nNUcDhCsVYrl9bWGkjxnrCqA9kmcKa4qXOc5h_vqEVNCqZ0GuRcq8RQilJtaoGBE8D7UkqxxtfJEYSdwMeF97tkk4sqQkrXalQxS-RixTuQQnco_7CqjYoddbFeTCU9-XlONzMPsKhfvZ2JczBgV4CxLY6kHMSzWs8e5NjOCm3R5qWd6uxG31lZtQiWU8reK2ppwOUN27c9UMTcboB9JUHATTlFrS8XCxIua2fvO5OhDerfqUlbpG996219SDm6dT8K5w3kJXqPE_shfEvcx8mmrsq5FWueoIGuJRAKgW8EJWTe_hspcBc7cf4pTCfafYjpreckzdr2rHXQpplQ8Cy8hRIliyPbY6n0s-8YDgOISJNOK1ofAhXqCg6gM6UxE8p26He4Zvm4TDqm3casWs6-Qmw3NlLbSzjb7M6GKrww_IkJb9sg1ZM82XTFcAboIW77TRD7BXLVeSjp_U1Yx7R3K3dLD1djJ3LEaWuZ0YHdUzkRMqZIj0mO1LYSBxUzRLxAMS4-ljq3u0C60oFQAB9OVn5txG4rMPmFZRg_OETSGJQjdqF5gf5qmfGLwXrAeHKnalpj9qgNb1zCXNHTEhOzYb0PlMxG1aCQ-THESLVPAJNP-9xyWMwGQCGE76nmlMFZYyqEIgIHewXCgrfX0cl-MkMxPM0cH1QcEQrcXXrCH3XJl_QojFt6zcHZF5C5xaxkvTRq8gWS6nW_BkPIk6le-tdtemT8iukWbnO4J7BK51Kx9_pgG2-B9DJS_F15jakXISBlbZEJr1vp9jCDkXC-KnNj5udCf4ntE1j6dG8zgr_rr7WWIjuQNiGMusm_ArWApKFNxzIbzUTNT4heaJodXTJFzLP8rmX8FEU1MPpq9ZDjmIVah_6rN2uWgOH3oRw-vsq8ecspgTlz-nLsE58ysBkx7nGCV7Bf5jLhZ8_q188hzcdCB-6qhRfcObsglr1vaDQVXACrbp_oHM6oKN_1BvBcAPcPL-bQLW9iwTIDvie9C1djdt-2SKZDblPQEpWSfmRXAk6YQYzm8JhaXGMRUTNrYC3cfZ_5ssVaxDQK3M6bJtIR_HbHRjAhVQJzJE8gpa2TzVbitrH9r7t2RR_-HZq4NRVp-Q6rf2yjpT4HYAArp_379ZM-1sjd-kTq9lxZeKKSFtOCP_71GgqcKRAgLaBWdIdg5B0wmGl-MV_z8xYQM4ypV91mV0OPA5vROzy47xuCP0A5eX8htwiTNUDIrqx5GO4WGALAsdGLH6oH4oC8cGZElJw3UNz3pn3YLe9PyWIcgQbtOjGGCSgaLRbucE1hHGp65lnKM34m1FirwNwqPQw_kaxBHo97i5y-r40e7swT0YJ7ZOJ-UO0Rwvvo831KnSYjzzbN7KaFfxQ&cid=CAASJeRoAFnTujunKZmFgF8crFYCXUTozPS-UaRxaWVvwf-sg4NaJyE&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e4397946c5ed010a692d0fad2f0c3d9a414daca6e024165d28e714611010c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34236
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9024 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAlufxZODIhiUjcyjnuADWuNHoHD8wMKP6jPCsJYAWj02EtFDbxH014KcAznopYWj3hYTgSy49zVdOYOJLw5CVkzcJX_TmbqvJ6wsMFuxr8oeQg-8
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9024 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:03:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9024 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 16:36:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 9024 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:19:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7592
x-xss-protection
0
server
cafe
etag
7248493764890666469
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:19:13 GMT
l
www.google.com/ads/measurement/ Frame 9024 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWASMyN-dDonGWtTsI1ysAFjfSsBxylUW0fjagIIVws_whJvWnlq4ii-vxb4kCO_UgdDeQXJMbSCAmHJZKH5F5D1qUfQ
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ima3vpaid
tpc.googlesyndication.com/ Frame D500 		932 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp10.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827797%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c99c35dbdac68ec6be96f622b28c4ce35ee197a9f472951c8ed014c7d411e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
566
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame D500 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126bd36674616d2284d224ed5a1&item=YWRuXzc3OTbTNB-0YTyN0w%3D%3D.1.1gck45f63-pp08gimfohg-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc1
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
privacy_small.svg
static.criteo.net/flash/icon/ Frame A386 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A386 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A386 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 05 Sep 2023 16:36:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A386 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 05 Sep 2023 16:36:38 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame A386 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=WHQfytzcxLb0aY-tLF4OOKXLC6I-1h93sVjKHbsDCijxa9QoDhb6FTtR58z5Gw89xtCg8viValh856Jwg_1Ua7CPNcGzifPKRe-F93jFbYIh79g8FvL_ZgN1lhnWaV5qhvXlL_uh0xuNfqLgi4FtnK71vbtGNohU7C8LeBPVglujdQDk_Zxl4bGrmvFBi1MH9lKZuTpGlg3z_Wu5ht6kvMH7lNkJc17aHarUqpEsqQDPDpnYQF4_XnwaxP6xYEi5AAaKA7SW0mLV4tGe5lxsF1IGoOoSba3vV_xArcMq0V_M4xlEng4tCWJ_7ORsl5w9gj32G0AHCcjt-9lcCBYcr1AuVV254Dpnqr8WtpQidMM1nF1IL_Ky6IGe_sG_0v5PGZOeTLE4hyDLPXJzzrB11ckPxDevGltTOsd9kOEk2m4hI8hrxav9RqRjjfm93Ub524xncg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2836248
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
pandg.tapad.com/ Frame B4FD 		13 B
253 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.ensonhaber.com%2F&owner=P%26G&bp_id=showheroes&initiator=js
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Sat, 10 Sep 2022 16:36:38 GMT
strict-transport-security
max-age=31536000
via
1.1 google
ads
pubads.g.doubleclick.net/gampad/ Frame 4C5B 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2FAdExchangeVideo2%2Fviads.ensonhaber.com&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=2902560645567103&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=194073650&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=7A9E98E6-D373-4CCF-B197-A8072BEBDD4A&nel=0&eid=44730464%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827805941&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=1280272772261390&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29fc477d1c597fb52695a779fa91714aaa122f48482d9cbd1db0acc6ec9d3332
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
945
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8007
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELbQqebbGMqSkNdLMbVpYc0&google_cver=1&google_push=AehlK4AyQsd8lAx-jeerzqqEkx0SoBQJUJJdNklN3wT0bpm7YRH9lTSPIS431u4OeN5POpKeM00dOKblp-r3bbFn64ut-UiaIqg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjAyMTIyNTAyMjc4MTY1MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8007
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mmw5UWx6VncxT3gzdGM1&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47Bs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mmw5UWx6VncxT3gzdGM1&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47BsJtHBIz6gCc0q0KrZBkai9B4ohPpKNYPMUxlarUsGVg8_X1u60S1g
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 16:36:38 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Mmw5UWx6VncxT3gzdGM1&google_gid=CAESEAzY0YHcXO7L0mrEqRbG9io&google_cver=1&google_push=AehlK4DfMz_cBYzWJFdJs_6PE1JLLP1JkE13eQVlNLD47BsJtHBIz6gCc0q0KrZBkai9B4ohPpKNYPMUxlarUsGVg8_X1u60S1g
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 8007 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBq_CeDr3B-Rp4e0A-Yh734&google_cver=1&google_push=AehlK4A9vBxWmjxRL7MDlihR8yNOTaZdWdUu50UBTITvi4lVoDQ9V2PfkBAeUIlP4GjuTDc9_AzJg0fyk9Z-XJS6ZFUTjHurN2Q
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662827799.837064,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4038-HHN
google
match.adsrvr.org/track/cmf/ Frame 8007 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF2yNfRNN_bwiOWCd5HfTIs&google_cver=1&google_push=AehlK4B9P0XijTPtdmZ_QfZ1aZWm_8g0BKwRImZf6kPX1iJpupI5FcSS_DxZOto2PSmPRAr9Wsnh9M6g7r7797MaSBbX97J-oJg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 8007 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGntCjrO5sB4KdHCj2FCIvU&google_cver=1&google_push=AehlK4Dv-PV8YtnzRbNOvB3HkSNaRYG_hpZIeKeaxrLNDofNStTD6AF0yA9XIebp2kcQqGubt8MHmdsqgTbl4sE_E38-CXBMpl4
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 16:36:38 GMT
pixel
cm.g.doubleclick.net/ Frame 8007
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEDEd7pNtuJnwLFvy4N9mpzs&google_cver=1&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjoha...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjohaN-U780F6va3pJ4E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjohaN-U780F6va3pJ4E
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4BfKDiMn_uG4zKjvz2iIpjb58EwCHdIS1IEzjAyGTo4FAPtre96juZ__34LuM3Ewkzq-f_ObSSnjohaN-U780F6va3pJ4E
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame 8007 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJLyLbQDL3JRaOQvlRFOjoM&google_cver=1&google_push=AehlK4BfIF5ACGI3ovj1tK8_5isf87Q665Qtl1gdHrxQ6hDiRr0U9KHTxLKnCnJwhnwhTib6lGHhkJab5CiEzu-DNmmqTsOQZo4
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8007 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K86VPLCed_6KiYOsdLBPF3-CjFQkBVkKEwzdWIOz0jyBF-tWN93pVK0xwnzcs42H55BIfj
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ads
pubads.g.doubleclick.net/gampad/ Frame 9D4B 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C22737937330%2Fapl%2Fviaaplads7047%2Fvast_075&description_url=(domain)&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4198247366799430&&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=1066312204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=247754F2-C1E8-469D-B9DE-07AF6972AB04&nel=0&eid=44726389%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806015&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=3974540690312986&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
servg.playstream.media/api/adserver61/vast/ Frame EC3F 		7 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servg.playstream.media/api/adserver61/vast/?AV_PUBLISHERID=6298968cb046bd3825475e07&AV_CHANNELID=62ebc8628547cb4cd0498c75&AV_URL=https%3A%2F%2Fwww.ensonhaber.com%2F&cb=(random)&AV_WIDTH=(width)&AV_HEIGHT=(height)&logo=false&hidevpaid=1&
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6805 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Sep 2022 16:36:39 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
7
Expires
Sat, 10 Sep 2022 16:36:39 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3721 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F36653869%2C22500435788%2FViads_Video_Activity%2FEnsonhaber.com_Outstream_ADXV_multisize_updated&description_url=http%3A%2F%2FEnsonhaber.com&tfcd=0&npa=0&sz=400x300%7C640x480&ciu_szs=300x250&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4061499916861712&&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=3794227374&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=A2F2AEB1-6DEA-4547-B08D-A59A8EC5D425&nel=0&eid=44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806039&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=2219864230170333&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame F2A1 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21849154601%2C22500435788%2FAd.Plus-Video-Display&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=1266497476394166&tfcd=0&npa=0&gdfp_req=1&vpa=auto&vpmute=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=1073201903&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=87364B30-4446-46E3-9CDF-3FAB0E5647F5&nel=0&eid=44750823%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806057&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=2047499983938738&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 21DA 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F98948493%2C22500435788%2Fensonhaber.com%2Fvast_desktop&description_url=https%3A%2F%2Fwww.ensonhaber.com&ad_rule=1&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&correlator=1307387765329416&&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=1262972149&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=D14FB484-32F5-44CF-801D-FCC2ACD10C8F&nel=0&eid=44754420%2C44760950%2C44765701%2C44771693&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806068&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=962353395350160&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a97c6e2b51d6fe0804669754eeba2d599a10c16c56e88a9ff2661a742f7ebd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
950
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 52B0 		2 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2Fca-video-pub-4090704406626496-tag%2Fviads.ensonhaber.com&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=1676589608279041&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=2123602379&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=4AAD270A-98E1-4829-AF07-447FE11C5733&nel=0&eid=31061774%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806111&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=4412070266559005&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
481107d3803f4977aa16cfa922c8e27550efe121c39a3b542ee9539f8d84e60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
950
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4052 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C22737937330%2Fapl%2Fviaaplads8204%2Fvast_075&description_url=(domain)&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4157488174108021&&vpa=auto&vpmute=1&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=viads%2Fhtml5&sdki=44d&ptt=20&adk=3453750951&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&sid=715BB459-B9FC-4CA3-85DC-986F497D0A39&nel=0&eid=44752996%2C44754420%2C44760950%2C44765701&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827806121&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=3760358309076649&ged=ve4_td3_tt1_pd3_la3000_er957.-8831.1110.-8531_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 4C1E 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame D500 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:38 GMT
integrator.js
adservice.google.com/adsid/ Frame D500 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame ECD7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM9r1F8psxFoDa7-rGzP9D8&google_cver=1&google_push=AehlK4AS37vRdqmGebmZMFp6tBhn8sIH_0Nh7kYAJQlWxh8Zhl6YYJcZtRJghGDbjADUILuDH9Jx7YVowyehHIAr7tbJtsENTCXv
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDAzMjAyMTIyNTAyMjc4MTY1MQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDMJk_5paffoIPgOMJ-GgtU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECD7
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEN-smx_LOjmv6VXEo5x9Lbk&google_cver=1&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT30yX299wRC0iM6
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT30yX299wRC0iM6
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 16:36:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4DUEUFKwaRgSKrs5fp6zaeXXkQxDelJtuI5-9lVB74sPB6CNFxmCLzpV0rRPCWIuvWAtNlgfloD5QGhYT30yX299wRC0iM6
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 09 Sep 2022 16:36:39 GMT
google
match.adsrvr.org/track/cmf/ Frame ECD7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHzew2RG4R_J30ApalmteKc&google_cver=1&google_push=AehlK4BSosxPbnetAN2nsTqigXT9XWRaaf6PiSMJvr-6FFrV59eTLSO7BR07FiCxB2h06YQI7i5oNp50NyQYZE_H0vS1ov_ghDM
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame ECD7
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEHINRvcsQd7_72i66VjYlTs&google_cver=1&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8U...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8UFQhsGvMRRCLB79-A0&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8UFQhsGvMRRCLB79-A0&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DRrqxZiGLf7wiMd950Vb897bLGMy_GDJveCKLP_540OxeCxW2Dic85r_WygzWqKm3-pw8qvJ-PH8UFQhsGvMRRCLB79-A0&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ECD7
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJUGr81nVTK4ql1vEoEOKpU&google_cver=1&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMn...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJUGr81nVTK4ql1vEoEOKpU&google_cver=1&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMn...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 16:36:39 GMT
pod
X-Sovrn-Pod: ad_ap4ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4D55dnjlFUGe0krvLpjB2E4BksELi5elsHVTbbZEPIiwDW11Esei0q-4HAkuBpwa-Iwu93NokYwLZwCNrmMnzI-3F-oQ3-Z&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame ECD7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBYZtMxYKSkPrEwI2ZdSAU&google_cver=1&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENBYZtMxYKSkPrEwI2ZdSAU&google_cver=1&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0zQ3wf24UCVQxbvtnlAGwLgfAKQ
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4Cu2fwOjJPxY41JqUI9WUcRLiGFVZqpV9WW04QYmyy3Tk8XxAAxo7jdJRs5IYVZJq2Nr0zQ3wf24UCVQxbvtnlAGwLgfAKQ
date
Sat, 10 Sep 2022 16:36:39 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame ECD7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9HEFjSqUXZG6m-aGrXnaQ&google_cver=1&google_push=AehlK4DO-8giIBbI1GtC0Y64RpuNg0ujGUvwAozRKzxb3_cBg_PRxv8EYCaLJhDjLTQm_Aq6amHljgDUTf2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DO-8giIBbI1GtC0Y64RpuNg0ujGUvwAozRKzxb3_cBg_PRxv8EYCaLJhDjLTQm_Aq6amHljgDUTf2HlFS2mGT9cAtUXQVO
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ECD7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InlVafE7IusHqJxzH2BHvs2hZ3GTSsJU1aJDovRL7xeIkJj3Lj_yPn5JTJl0aAnV8koHDhTa8
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 4FF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=1973381689733871&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 196C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
383685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j21x4BgraOPpnP9XBZGTOqgamAu7Dd4Vfe3XSJxzJIovbQhgPiiIR4iUshOmF882lFeDz%2B6hUIszGUOqTfDuf3CNXgBCvbeUbiS%2BvyOanwWVBuADfnE3tMy9Un0oloZaHtZ69uofJOYk7Rt1WTjOxW2g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7489956f8c07903d-FRA
expires
Thu, 31 Aug 2023 16:36:38 GMT
animejs.js
static.criteo.net/animejs/ Frame 196C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
truncated
/ Frame 2C4E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
209213a170ff4975bddd6da1bc339d254a0b7bc6e4a82e2136b68d909d740ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame 196C 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame 196C 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
img
pix.eu.criteo.net/img/ Frame 196C 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F48e90924-9c1a-4c86-80db-4d9c870523cd_ee1a97fc-b1a5-4c78-b442-b904241fa738.jpg&v=3&w=400&s=LOvVWTUyoMihz2iR71qWWM_w&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8c4d184391f9228fc5b643c87a9f17cd4eef68dd31289fdabd38e8da6aea6fa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=924985
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44634
expires
Wed, 21 Sep 2022 09:33:04 GMT
img
pix.eu.criteo.net/img/ Frame 196C 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7c7559c4-fd7a-4c85-aab1-9145df5e7a88_5c481e7d-00e6-4d84-8062-64732364c3a5.jpg&v=3&w=400&s=sNElf0M_hvvi08s8tjjX4WLU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
4fd7b9202c724c3a5ed74236fadba8725a187eca066f72b35ac6fdc5fd52b3cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1061963
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
36938
expires
Thu, 22 Sep 2022 23:36:02 GMT
img
pix.eu.criteo.net/img/ Frame 196C 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F86e6d62b-8332-43f8-9cac-f1d287bb8fcc_01fe8fc4-0e83-40be-9241-841bde6dceaf.jpg&v=3&w=400&s=BGr52jUGDtLwrJYy1GVRK-tq&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2189e6415b14eae03e18a566589ed9d1707a8b65b37f3ddbb206810fc95850d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=501341
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
60098
expires
Fri, 16 Sep 2022 11:52:20 GMT
img
pix.eu.criteo.net/img/ Frame 196C 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=2&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2Fe94d67cc-c2f2-4620-9725-57c14ce2c1fd_41105fd5-841b-43e3-8411-de80dae587c4.jpg&v=3&w=400&s=tiT_UF1flEL_5UKE1L-xEikY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d07b6c9f657d32bf379e8c8a028fe714522edfbd72bad04e3166d34efb23ec3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=870828
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26080
expires
Tue, 20 Sep 2022 18:30:27 GMT
all
csm.eu.criteo.net/ Frame 196C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dPWo9DFJN_5Rv0Q37sOgP4k3SEBcuJXFigtCNUUjxLHi62Uc1caFZhVhBmlApyFGMzLygHv2aa6slFSxknECyL2ACN5c70-LZp5K2-ELgh0FdJ-EhlkjtXsZZC6YEAdJqfEvJ54N9GuceBMwNJIBmaPEAOgQ2qowY0gNgqVGmKkH5Xpvgm3oehlVMgUZ5GeaQ1PgJNgiZqB6SxO45dKSmz4TzhoY9fc0H_xsgTwEFtGLFXCW3kWBLuqyoZ7gbZFwPEznhw&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 16:36:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 196C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 196C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:38 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9024 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Origin
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 9024 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CU33FqS7_fJBc41ArBRZMvinQjE9bdlcZ-ZpTHdHcehqoH2pVCKF9K25Cg264smqARrIzRPOD2haTAz6P0SM-W1iPASg&cry=1&dbm_d=AKAmf-AzdAmvxnyI3B2sp6OXcYn50TDcAMjV-htbcLmLn7DzN5XdlQNM86Ju0dLaffP5RXs_ehnk3gzeQYYoeccwSK9qL049BkeWpmiWFYFs5ZWnKTZeFGfnsxKl-chHOpGgJGr6PmpCe7jmgs761Wyv5tvLmaknT8sqhUMFeyilBrfVm8a0luFkV6LzrGUPtOBPQirUJi5AOhHT-9F93NFdfzbYZjgu2v5cQepjakj8giXhCJLjB5up93nqSwGkZeScYEIwWz64pTnFtGMIH_OUkemixmC1-dRDAOx6caKoqR59PQotzKC6xbz3d3k4IcHxUSktv1Bv6Nepr2EXEHPYTPAkc4MlULYIC1tP0AIEYGNC0poSzgZGAThSgc9i3dO0IVbnfYA0G-J0sXbYlKt_quiH8ReyvSA38jIFL7DCVSCrdrVIaentVAPL9nxTpORIYvPNI1DB2xFhFdIqmHVWTcJH6yPc3vS3Vt-rMbk0H6uLVcMPpuepa0-B5J-vobc1xiVYavKAHdSZuGrBHijxgoR9NzL-W0fK0UjWDvpJl986Bt1qf50gH13y4seTslpdGtLuvptgkIUqPw_qdymoJUsjmvQygsGvKLhjUgIn72_gifNJhq_05r_xy7YZjw5ueqxlPh5EZU4LAS1GhWpjoi8ZwT5fK4uUrSBX5YiLj1ZstSqfjzMx1ciSDwBs0mmRjQXuY5b_QcMF_jfAIyEoUvwPiEO4DMUmK-v998Ey8A60uBZcn7z0XuCvkmGWDKyucLR01Fz9jynlks3zjg5xnyVHQu0y-K_Q1Ny_KBkk8-J6vWPTAPG0BMTKRNcd9rLm2zNS8wsN6H8OPLSES4m9wNvFm8rlCX6ky1V4EsCZzG_wlRFRRFNc4pfjG_57sz9qg6LX8p7v5kSm5s-AevpWYw6-HlmC0dWRs9X38Y6ISGobqtU0YleKGAGHf8D0SABqHI_dL4o31tQtmocDrEOjlkzd_zHWt0SyM7Az3pWsabuvFNf_p5pikztVN9XohAAAaxXkf4nNRRjNfPFPAlcZaGGzzRGUXtaBXq9k3178zKfmaKcgjlx-aZYkofmyt4Z5iEdLe5XmXkhHm7zBCS4kQ2tkl4VltEzNlw6ug6hY2Po-KtpNaC8UuQpnbZSJeQIg7iA9ET4_QbSmj7vfLk5hlVRowkJQIguTPEktRW6xg-TZHXkVfxgwkV5GyIQ0q-GBfmopL7Tkz526tzvEi9vRugTxU5i1tBH3_I9zDYj-WtcYVW5OmweZB6-putN-SoGgEozVrr9kSE7t8JvcqiFqQ10uKi5JWIIrvBYO3rMoN1_nz0oqWBokGvUtS6agEKMsfxmV3BJr-7mpG7iXfdP26Qtk7-zQv_8WjHearRcd2jFBPfljzqpnYsFFPxWueXRt7x1KUKfJmlSQkFSkxF6Pcitv-gYpxw3V3YoMeLhqAdZ9zkU5_SFoEK8FFAyRJqV8VXi9wIY85mGjG2YCp7tqZgrbJvBHIfpS8hlza0MxoTmhAHSvbGrdUPy94bIhhQJcq1G2CGB_uqmgGYcdvv0dDIxHXQS_kwT4RRQIZ3-nCNeQdb4drC-hsRdKWGlXlhLu-DrFAEWGcTRN7-MKwX2dn6Tulzp7i_b27OEXeVJkKQQT9xOQB-_Dsz__XnnqpUaMgJ4II92n9dkAexrnaPjbqpkjm9Fc7ryZyk2X0yLQtbDriRtWGz0cmd4aZCJg-4Du0jGROGSyU6su9Fhw4c1fhPPwxtVKiO84aMYpTyVSw7avMwTVglL-xT359eeKZMOvSxl9iU5QqS4BFkbnu4Qcj8tfYa1r9T4ITTNgji0EpduzjJp7D3jSCyF0LHaahJFue_6-WYbrul3Ys9mLAyK8MQ0cpwX8y8xLga3IE5tALMsaOmt4BIr2jqbUdVsHTp512tiszR03GpbUSQKjgjkTAlUgwMUOQ5pxYEfsVZq8gsWaZsRatug2nNUcDhCsVYrl9bWGkjxnrCqA9kmcKa4qXOc5h_vqEVNCqZ0GuRcq8RQilJtaoGBE8D7UkqxxtfJEYSdwMeF97tkk4sqQkrXalQxS-RixTuQQnco_7CqjYoddbFeTCU9-XlONzMPsKhfvZ2JczBgV4CxLY6kHMSzWs8e5NjOCm3R5qWd6uxG31lZtQiWU8reK2ppwOUN27c9UMTcboB9JUHATTlFrS8XCxIua2fvO5OhDerfqUlbpG996219SDm6dT8K5w3kJXqPE_shfEvcx8mmrsq5FWueoIGuJRAKgW8EJWTe_hspcBc7cf4pTCfafYjpreckzdr2rHXQpplQ8Cy8hRIliyPbY6n0s-8YDgOISJNOK1ofAhXqCg6gM6UxE8p26He4Zvm4TDqm3casWs6-Qmw3NlLbSzjb7M6GKrww_IkJb9sg1ZM82XTFcAboIW77TRD7BXLVeSjp_U1Yx7R3K3dLD1djJ3LEaWuZ0YHdUzkRMqZIj0mO1LYSBxUzRLxAMS4-ljq3u0C60oFQAB9OVn5txG4rMPmFZRg_OETSGJQjdqF5gf5qmfGLwXrAeHKnalpj9qgNb1zCXNHTEhOzYb0PlMxG1aCQ-THESLVPAJNP-9xyWMwGQCGE76nmlMFZYyqEIgIHewXCgrfX0cl-MkMxPM0cH1QcEQrcXXrCH3XJl_QojFt6zcHZF5C5xaxkvTRq8gWS6nW_BkPIk6le-tdtemT8iukWbnO4J7BK51Kx9_pgG2-B9DJS_F15jakXISBlbZEJr1vp9jCDkXC-KnNj5udCf4ntE1j6dG8zgr_rr7WWIjuQNiGMusm_ArWApKFNxzIbzUTNT4heaJodXTJFzLP8rmX8FEU1MPpq9ZDjmIVah_6rN2uWgOH3oRw-vsq8ecspgTlz-nLsE58ysBkx7nGCV7Bf5jLhZ8_q188hzcdCB-6qhRfcObsglr1vaDQVXACrbp_oHM6oKN_1BvBcAPcPL-bQLW9iwTIDvie9C1djdt-2SKZDblPQEpWSfmRXAk6YQYzm8JhaXGMRUTNrYC3cfZ_5ssVaxDQK3M6bJtIR_HbHRjAhVQJzJE8gpa2TzVbitrH9r7t2RR_-HZq4NRVp-Q6rf2yjpT4HYAArp_379ZM-1sjd-kTq9lxZeKKSFtOCP_71GgqcKRAgLaBWdIdg5B0wmGl-MV_z8xYQM4ypV91mV0OPA5vROzy47xuCP0A5eX8htwiTNUDIrqx5GO4WGALAsdGLH6oH4oC8cGZElJw3UNz3pn3YLe9PyWIcgQbtOjGGCSgaLRbucE1hHGp65lnKM34m1FirwNwqPQw_kaxBHo97i5y-r40e7swT0YJ7ZOJ-UO0Rwvvo831KnSYjzzbN7KaFfxQ&cid=CAASJeRoAFnTujunKZmFgF8crFYCXUTozPS-UaRxaWVvwf-sg4NaJyE&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:29:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 9024 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CU33FqS7_fJBc41ArBRZMvinQjE9bdlcZ-ZpTHdHcehqoH2pVCKF9K25Cg264smqARrIzRPOD2haTAz6P0SM-W1iPASg&cry=1&dbm_d=AKAmf-AzdAmvxnyI3B2sp6OXcYn50TDcAMjV-htbcLmLn7DzN5XdlQNM86Ju0dLaffP5RXs_ehnk3gzeQYYoeccwSK9qL049BkeWpmiWFYFs5ZWnKTZeFGfnsxKl-chHOpGgJGr6PmpCe7jmgs761Wyv5tvLmaknT8sqhUMFeyilBrfVm8a0luFkV6LzrGUPtOBPQirUJi5AOhHT-9F93NFdfzbYZjgu2v5cQepjakj8giXhCJLjB5up93nqSwGkZeScYEIwWz64pTnFtGMIH_OUkemixmC1-dRDAOx6caKoqR59PQotzKC6xbz3d3k4IcHxUSktv1Bv6Nepr2EXEHPYTPAkc4MlULYIC1tP0AIEYGNC0poSzgZGAThSgc9i3dO0IVbnfYA0G-J0sXbYlKt_quiH8ReyvSA38jIFL7DCVSCrdrVIaentVAPL9nxTpORIYvPNI1DB2xFhFdIqmHVWTcJH6yPc3vS3Vt-rMbk0H6uLVcMPpuepa0-B5J-vobc1xiVYavKAHdSZuGrBHijxgoR9NzL-W0fK0UjWDvpJl986Bt1qf50gH13y4seTslpdGtLuvptgkIUqPw_qdymoJUsjmvQygsGvKLhjUgIn72_gifNJhq_05r_xy7YZjw5ueqxlPh5EZU4LAS1GhWpjoi8ZwT5fK4uUrSBX5YiLj1ZstSqfjzMx1ciSDwBs0mmRjQXuY5b_QcMF_jfAIyEoUvwPiEO4DMUmK-v998Ey8A60uBZcn7z0XuCvkmGWDKyucLR01Fz9jynlks3zjg5xnyVHQu0y-K_Q1Ny_KBkk8-J6vWPTAPG0BMTKRNcd9rLm2zNS8wsN6H8OPLSES4m9wNvFm8rlCX6ky1V4EsCZzG_wlRFRRFNc4pfjG_57sz9qg6LX8p7v5kSm5s-AevpWYw6-HlmC0dWRs9X38Y6ISGobqtU0YleKGAGHf8D0SABqHI_dL4o31tQtmocDrEOjlkzd_zHWt0SyM7Az3pWsabuvFNf_p5pikztVN9XohAAAaxXkf4nNRRjNfPFPAlcZaGGzzRGUXtaBXq9k3178zKfmaKcgjlx-aZYkofmyt4Z5iEdLe5XmXkhHm7zBCS4kQ2tkl4VltEzNlw6ug6hY2Po-KtpNaC8UuQpnbZSJeQIg7iA9ET4_QbSmj7vfLk5hlVRowkJQIguTPEktRW6xg-TZHXkVfxgwkV5GyIQ0q-GBfmopL7Tkz526tzvEi9vRugTxU5i1tBH3_I9zDYj-WtcYVW5OmweZB6-putN-SoGgEozVrr9kSE7t8JvcqiFqQ10uKi5JWIIrvBYO3rMoN1_nz0oqWBokGvUtS6agEKMsfxmV3BJr-7mpG7iXfdP26Qtk7-zQv_8WjHearRcd2jFBPfljzqpnYsFFPxWueXRt7x1KUKfJmlSQkFSkxF6Pcitv-gYpxw3V3YoMeLhqAdZ9zkU5_SFoEK8FFAyRJqV8VXi9wIY85mGjG2YCp7tqZgrbJvBHIfpS8hlza0MxoTmhAHSvbGrdUPy94bIhhQJcq1G2CGB_uqmgGYcdvv0dDIxHXQS_kwT4RRQIZ3-nCNeQdb4drC-hsRdKWGlXlhLu-DrFAEWGcTRN7-MKwX2dn6Tulzp7i_b27OEXeVJkKQQT9xOQB-_Dsz__XnnqpUaMgJ4II92n9dkAexrnaPjbqpkjm9Fc7ryZyk2X0yLQtbDriRtWGz0cmd4aZCJg-4Du0jGROGSyU6su9Fhw4c1fhPPwxtVKiO84aMYpTyVSw7avMwTVglL-xT359eeKZMOvSxl9iU5QqS4BFkbnu4Qcj8tfYa1r9T4ITTNgji0EpduzjJp7D3jSCyF0LHaahJFue_6-WYbrul3Ys9mLAyK8MQ0cpwX8y8xLga3IE5tALMsaOmt4BIr2jqbUdVsHTp512tiszR03GpbUSQKjgjkTAlUgwMUOQ5pxYEfsVZq8gsWaZsRatug2nNUcDhCsVYrl9bWGkjxnrCqA9kmcKa4qXOc5h_vqEVNCqZ0GuRcq8RQilJtaoGBE8D7UkqxxtfJEYSdwMeF97tkk4sqQkrXalQxS-RixTuQQnco_7CqjYoddbFeTCU9-XlONzMPsKhfvZ2JczBgV4CxLY6kHMSzWs8e5NjOCm3R5qWd6uxG31lZtQiWU8reK2ppwOUN27c9UMTcboB9JUHATTlFrS8XCxIua2fvO5OhDerfqUlbpG996219SDm6dT8K5w3kJXqPE_shfEvcx8mmrsq5FWueoIGuJRAKgW8EJWTe_hspcBc7cf4pTCfafYjpreckzdr2rHXQpplQ8Cy8hRIliyPbY6n0s-8YDgOISJNOK1ofAhXqCg6gM6UxE8p26He4Zvm4TDqm3casWs6-Qmw3NlLbSzjb7M6GKrww_IkJb9sg1ZM82XTFcAboIW77TRD7BXLVeSjp_U1Yx7R3K3dLD1djJ3LEaWuZ0YHdUzkRMqZIj0mO1LYSBxUzRLxAMS4-ljq3u0C60oFQAB9OVn5txG4rMPmFZRg_OETSGJQjdqF5gf5qmfGLwXrAeHKnalpj9qgNb1zCXNHTEhOzYb0PlMxG1aCQ-THESLVPAJNP-9xyWMwGQCGE76nmlMFZYyqEIgIHewXCgrfX0cl-MkMxPM0cH1QcEQrcXXrCH3XJl_QojFt6zcHZF5C5xaxkvTRq8gWS6nW_BkPIk6le-tdtemT8iukWbnO4J7BK51Kx9_pgG2-B9DJS_F15jakXISBlbZEJr1vp9jCDkXC-KnNj5udCf4ntE1j6dG8zgr_rr7WWIjuQNiGMusm_ArWApKFNxzIbzUTNT4heaJodXTJFzLP8rmX8FEU1MPpq9ZDjmIVah_6rN2uWgOH3oRw-vsq8ecspgTlz-nLsE58ysBkx7nGCV7Bf5jLhZ8_q188hzcdCB-6qhRfcObsglr1vaDQVXACrbp_oHM6oKN_1BvBcAPcPL-bQLW9iwTIDvie9C1djdt-2SKZDblPQEpWSfmRXAk6YQYzm8JhaXGMRUTNrYC3cfZ_5ssVaxDQK3M6bJtIR_HbHRjAhVQJzJE8gpa2TzVbitrH9r7t2RR_-HZq4NRVp-Q6rf2yjpT4HYAArp_379ZM-1sjd-kTq9lxZeKKSFtOCP_71GgqcKRAgLaBWdIdg5B0wmGl-MV_z8xYQM4ypV91mV0OPA5vROzy47xuCP0A5eX8htwiTNUDIrqx5GO4WGALAsdGLH6oH4oC8cGZElJw3UNz3pn3YLe9PyWIcgQbtOjGGCSgaLRbucE1hHGp65lnKM34m1FirwNwqPQw_kaxBHo97i5y-r40e7swT0YJ7ZOJ-UO0Rwvvo831KnSYjzzbN7KaFfxQ&cid=CAASJeRoAFnTujunKZmFgF8crFYCXUTozPS-UaRxaWVvwf-sg4NaJyE&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:33:39 GMT
sd
us-u.openx.net/w/1.0/ Frame A18C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A18C 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A18C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 10 Sep 2022 16:36:39 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A18C 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhj45_HLATAB&v=APEucNWfwwj9oLfUqJtE3D9mREBgIDM1VFM5FCW27ohCOxXrjx49XA72qjShf7MAx6S4Dij7vD_aXrcIW3duWKs6bj2ZT36mH5rx6C7fXkgV_81uLOjiRxLrC01dhBLhRMIk9K1H0c2Y_m1KMSM7YwlAd3FZP7dc6izjhYWGF6Hps1oaMx3SiDA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 10 Sep 2022 16:36:39 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame DAA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO-XxQ9GuKCuh_8YeEBPjcs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DAA3 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DAA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 10 Sep 2022 16:36:39 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEbc5-YkLNIQf1KLvfruBdY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DAA3 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjz9fnQATAB&v=APEucNW0-OefwSKZlbGK2eOytIc_mQKZ_5dKEa0_CF90NmvCNPW2OkTyE52rSsY0NMAzPLjqiuggXClptnyc3mJT3RZE_FPi6HENoSKfdbe7CqcOUbKveWwQRD43r_W8AtcAXFFer0aWlbLcllNEjvybn-g4jPqUjJX8QqgM0jYGVAzjBObtgNQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 10 Sep 2022 16:36:39 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
index.html
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/ Frame 937B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d06b912ffa427e50c099215d79e0a957b279411db011a4af71a2e5e02038a89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
118004
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2642
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:49:55 GMT
expires
Sat, 09 Sep 2023 07:49:55 GMT
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9F4B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfndI3sVZl5CN1xCSgSdaVxvH2Ez77Ll2un0v-5zozNYKDiPpTUU0uoDZQVePOw3-gi8EcUZxIiJVV8K9vXLAYxGewL0_06tLGnpNFnlYFMb3vnQohPDeMnOEJm2dPzglR8j-f2eNM-Rd_ALY7DHLbfTJa8NkIRN742MoCn6Kv2oD-NFVjTYohD0vQ1xni9BIEIdzqrfNHy1ElUPpV4OyfeEnsKr-eUHzvvzd90qTPZ4YSm51YD9IYqGD4VxKdIAd-0cBQJ5bYkt2gXbb6kWFvNJCPQDM6Q1f_mzqot-m7xNtJmCuBcohy3pPjaJ9iGmVhBW_mfoff3tEzrNXc60wtbAHirmu_BuAKuBxCvW-YA3jCqamLzf13lxIpcXU5ivmQYG_zpmiVFWoLK-Ezhg1czPBKPBP9myPwQOvtnvVgl_I_54iYi8r6ttvIuyVVVW9P6tdhQfzD3ers3-8eGOknN3cMh1TWz5MEhDPRRUsOSCslb_6TptzJN7rjVUstyGwZkcWw9hfR5CG6CNkfoLHbfvVjFpFh2FxeKcHExOY551RmSwUcJLvwxRVDaSzpv9aWyvwisA90vJ-8MeXYcQNU_SxQe7LTQlqlWCnnjEm_jm-_ekIWFmDpD9z2_iDeYWyOaboi18WnuSql7ceRPyBg9yIuHQfKdtqVfB8Luog7ngN-oV3mM0UnpB0iHpxRs6Sy4dvIIcz8u3GtpfQ7LtePqD3-C3hh3nGrPJMN_mf2jZiVVjS0C2MeuagnrLaHPykM_3ExFpQDMwT-RrSMh8gMJNIuCSKBtJthHvbaPxRCfkclBu3SXrgT52-yWwwH-MlHOh8eam_nESWoMhJIWiHHWHMN2e2yo-AaEiqj13ZOtdIPxCH269R2P47u9HDSBDW2D2TlVYo1SFKHxIdbkeLMLok17TJs8Wn5ORkuMreX52xQjeedJh1aWjx4j-A4T4bu_IA_g1QZbX1RzPCAvFWWLR2vrSVfFqdVhvYITkoNPsvAk8X9zG4T0B7hYbexoa693ADBiJ1x1moEDFSFpOV8KuQYPt0AYsyGdcoXKm1R7c-3mdkRp6JPPyDmGN4myqzzFHAfS233zUEs51-Ze281P4VkBnrSGOwTA1_semtpvVJJS7iqba4exTnkQQE5hpIVLzb7LAQ-0rdwa-Bd4MyZDevmLXZeSbp6qKUj4DdorsXrzCY-ZsJMHnWYL9sOHfKQnBY9lMKjMczxVnQo433aRrTrJ2Jq0TUdhHWLbVsEHIjdpfHwWTR1zDN1gtfYaK5mchmc7VQjjROJj-YcNVBPm0tzb-wR5m3_Zjc1Z6dLnaieYqEn0y5CTo1z&sai=AMfl-YQr236MdcBmyg-JC8bEA6Efe1zsxYZapSykWPikG5VhO_uzfrJlt28DCt5UliKqa9_WQ8krs0p-c_E90x_y07u64DKGaJWwhpCedGjwq6xjcZCqOTZirfd9aY0g31TwA0qiVH1TcybVz8o6KFv9V0XgXVTVOt1CtwRLxqU-kVMtFLt9QNKnseWplVaxgFMjJQxupLFXvxw0VqSEs_WGkyzn&sig=Cg0ArKJSzBv5bAiuEl7nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=569&cbvp=1&cstd=551&cisv=r20220907.62488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 10 Sep 2022 16:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
firstevent
skydeutschland.demdex.net/ Frame 9F4B
Redirect Chain
  • https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdpr_con...
  • https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdp...
42 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdpr_consent=
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
52.209.199.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-199-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v039-0c841293d.edge-irl1.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3qKcNdKfRdw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v039-04073f196.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
coMhCnXnSeM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176847322&d_placement=345303423&d_campaign=28385539&d_bust=3885028008&gdpr=&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ai.aspx
m.exactag.com/ Frame 9F4B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008819312&extPm=441555510&extCr=18151529235&gdpr=&gdpr_consent=&rnd=3885028008
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
X-ET-Code
0
Last-Modified
Sa, 10 Sep 2022 04:36:39 GMT
Server
Microsoft-IIS/8.5
Date
Sat, 10 Sep 2022 16:36:38 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
923
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1171896/65674243/ Frame CA71 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1171896/65674243/skeleton.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.71.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-71-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7c75acdc41786cbfd0ff4e455f868d0aaa0137c8c2d869b56293e94879b67557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CA71 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Origin
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame CA71 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOfsewQuabb10G4U45HQNMcmNwAPdEdbX1tXDnQXx1qa3iX29RXoiNNo6NNR0bUxmVezNVgE0Q2SC7crjQ4zx2lQrEWw&cry=1&dbm_d=AKAmf-Dwvr52DkEKXwXVkBHTBJnkocfkLuA-7_HjW4tGyCusac3K-OfOQxRdxrLkdBRfAZ6q0Bn_ruAyeRvosP34dpkDQIfWe1K4aV6qxYvNReHB6qlgDPcZwQITM3n4JedUTD9oACnm2BfNhmmnXrRCBtvrDD5tRs9XSKqNQSIrVVe_eBfi5o-hwwZ5SOAHjm-nZgbwEt3hAiunLS9aiJJGPxVfZW8Oh6kXZdMmEhBEac7j2kAeipf8is3T-JnBeyZPauLn4SjUJ0uPN0fp3cKkpsM7J5ycj-6cOQ5IFdjwCmgbGyxsEyA9AVpwF3Xvfw2EbxKkA2ov7ay8EN_hClrzUuAaQcwaGnx6_LyM3PjTU3Bl4hqLSLYZYY7CADYZRK8TnRX1gXGhiOdhbtB2DE6T3WjQJTah0wsc44EUYfCYl4JOz2x_vOa6i4YdrD9HFj5rp-I_T9WnEjwlCJWCkoU2rsFQuIzoaUyijtx1MMYChfNpBJctY10EwshdoRMCV12KkZRxZ8lC4nJUQNsaDpx-8Y8X_O_furT5xrJc68tWPrn_au6vbjmx0RJkRAYoIxO4S_Llwrn29NBz_RUYUW_jJtV8Y-qobXcTah8SH90vX0GEWo8o8YLqmyyQ8kEhvixxhtcbG3_JqB14Xm6RKOPbLP-0ljZ9peCwvcY_lTE0Bk8s2Ji2qNA-IzHN48aIFvRdMUy52aW0oWqtDxnUnH-wyJVfkNELKOMMTKGIN2C04VXfX4q569Gov-wtCconOCETHHIOdlGsntE7HVAtOPBmGuqzWId1hgqK8tMQcYeVo9fPqI_GQr30MAGPW82yTqNrdt8gw1LA8qklu9FcRRBvlP6q-0KPT4hqzvTZoOrBY__Csw_mmshhtOSPLPHFlhWlYu7DlUN2bHAvsCX7YDxBEH1EafhwtFRIxvgExh1ynqCmYO1lYSqbU--UwRvbCFufg5dzH0tnSICsjvbwZHWg5YIPX4RgW4mjP-1Ak4mPdcv3NNToxkAKe42zqEJv5UFFxouNqvDHrIl3S3kucEfkoo2qcISK9kdfOa5TJj1LffoX8TO_KAnn2Cc1h-pPsqHnUeWTLhPs5ZGQolRh_I1yJgOmZB5RlLU-iUH1jNtWIKO18CRQ5RQ6qVyzl6bMo7Jzb1MkyyntxPFml2mFX5Z4DPw_6LgGxQdZ_7Nzeee2nC58ORhocSV9Rp6flqwshvOBNzieCxlQHeEEjkkVOZfZ8QPhplMa6GOC-z7-2V2po1GFWjCaZX-b_mEtR5vs_Jdm7tHCUeH-pKNNL3E7M1pBhuwjxqCAvOaoB8aN46F2Yya3lLWebC0wGRK1dYvbZP86m5xbddnrGO9Ifpfl4VLE1zpT0SW-yHU50DvQnECLSEWiAbKt0Jiy5H5Q-oUcQdatfqZMu6r4NW-BEnV8eozUs8OtEdx6SHIVgFTt3PI3u_Jw0Iiuas9Zcc7gmr0h5YIxRXF6XLbIKZo8FxgyK4bfi3v48DKXcFUR83f8k8Rpwg3rB0RZTB72Rd-lUd8D-9fUd5a3iPSX8RiX40oU-Xt8U0vZooR-nsfiA5-hLqtn0J4jLdjqmcN-t9i5i7lFwCEOzU2s6Zpn_rFl6rxUTIPkUFWdOT2n5Iz4GPaQjTf_xSA4VPyc4ukSJU6SaQbk7JN0MvAmH_0NQaYD72vJjbMEJFvu33jrO66j7Kt1kNlEsroORSnsFdIcm19T4VyKvBfsRMtudng-W8siEASU3zz1Yrw-Y7uS_039AyeI0Pe_-vsbj40vPCJFRHKcnoNCTfIQzQRVQrTmy6btpkVbxwpm87mxsympA7md35DyyQuAiLXHVdqPkOIT2lAzwjpAr2wuCns3D7uU7lhmQIx_04r6O1Qc0w5d7LYcOrAMPnixn8PeN2I7HzEXJDI4uhTsVEn_d4VkARwixog-oi5R04txjQI47OpQpYLLnLEULyZjBelos9KvSM0V1EPLr_2E8mkqPV2QUpw2cujlPYcJ4paURW7tysP1y3F3JLPTXTswr_Lqffl23kB2QpVSpsSJPT3dpJJz_W8NBMN2LnrQrxkpT2dbvpawhy5WAAsjklDnRvOav1fmXNAS5gkv3LRyZVgILy9H4XkA9lwbThB6eL--ZpdenIcvBhmvFV8GsAVC6kBJYb_CnYN7r7mMviStmgk1LStcBViuAcezqNrIa6KoPQvNDYmCcV2BbR6TowUwwZe93iTZwaXPZ4_sNNgC5VNEv104vHywPHSwfY3ZPivgWDns7K-Ombt6h41V9B5UWqRS0jkiaDCmN9CzkUPMCJmz3H2YWjvDpvpOZN7dW_BJGi8mIMftk4kDDALpoKM7_xu0HXhLCdOo-cSXuwBOOBZZ3itV2yLlP4p4pK_cLzGvAHwfQOq-QMp7PqhJXUSflXCQyLtZ4G5P6a_iYMW5x4XeMScCIA-Cg2GrM94HcoqUtR_fqMJk-N_F98C3BN8LChLtFbGwom54n4xSK1GJBkP9WpHsJq-Jpv2BrMCXyDSeE-9qN_NSg6iTNBEvsp-Z5QR4t2hh_y8REjTGO9oo18HE9FHko9AIPiZVkLRaDEWyoTo_COwhhPEBr6IoGy8DtwQDvRUyf7nOO6LefzM12jAy2Nr7JUPVn0btqd4RMHSvWnmDXFXdPf6_mT-xJc5-kf8sBAyiwAwALWGx71rMVmLsZu-GR2qFzIKvlLJd1KHhXL4LEc55MkDpW1TmOLYFY-ETxtHWSBtjrITdaE6kbs5gtfrWtGwfz1H2etOgKd4Sa0G_3OnNXhmOy20rV0zvtK8blb0ZROVAoM0J23w5iITWZEBTztruWT2hHwO7eccW9BN6mM0UGLaZpN4dvVqTblHOMXPiHkHVbgVVgKb5zka7S0cOE5p9Yql40mZK6_uBfmy8KoMYcbhBno5KS1gJXAHXHwYo_3ediMoS6VrHzvCzAyYop059Q4-vP2VoKdVCGBQs1Kn1gZ2VXE5ljLIFqhpZVWBve_obo-CU8hB6g79Eood3rwfqMQB-lrdCeWRjbK9FG4MBnxn3sSgzTRcGYxA6LYnXXDpC1X35dg6ouRodPjOhyT5EgPFLvTAy3adu-yjhYFDaOI64nesnAAHZOlfXTQK4aDFiM-lpeuStNVCk8Zuu0yQI-5-iBUO_M7CkRHhVlrQSPMH_5gEUkHOZMcI4vNnxxTLKnIfBRDEmBCeFrWPtntLakebPKnEB3kYC4af5XeR2bZm7G2swsP-iTutdFhLWE_aWuDIQUosOlqxqonwVx3byTuk-Guk0uB-Nhk3WsCfkUNeSFq4NflxKEj9hhHWgSIxfyqwh_kZQVxX_HE3WUfe1xFk_iTzc9wLGe-j2z1tN2Ey6Z94vlu1FezFWQvp0YCd3_ooqjYqtmdnKFA0LSsy0&cid=CAASJeRovvxqmAmto7ZHO5NIOb5ZSa4avjcqokT_T5UjxWmTn8q6lQU&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:29:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame CA71 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOfsewQuabb10G4U45HQNMcmNwAPdEdbX1tXDnQXx1qa3iX29RXoiNNo6NNR0bUxmVezNVgE0Q2SC7crjQ4zx2lQrEWw&cry=1&dbm_d=AKAmf-Dwvr52DkEKXwXVkBHTBJnkocfkLuA-7_HjW4tGyCusac3K-OfOQxRdxrLkdBRfAZ6q0Bn_ruAyeRvosP34dpkDQIfWe1K4aV6qxYvNReHB6qlgDPcZwQITM3n4JedUTD9oACnm2BfNhmmnXrRCBtvrDD5tRs9XSKqNQSIrVVe_eBfi5o-hwwZ5SOAHjm-nZgbwEt3hAiunLS9aiJJGPxVfZW8Oh6kXZdMmEhBEac7j2kAeipf8is3T-JnBeyZPauLn4SjUJ0uPN0fp3cKkpsM7J5ycj-6cOQ5IFdjwCmgbGyxsEyA9AVpwF3Xvfw2EbxKkA2ov7ay8EN_hClrzUuAaQcwaGnx6_LyM3PjTU3Bl4hqLSLYZYY7CADYZRK8TnRX1gXGhiOdhbtB2DE6T3WjQJTah0wsc44EUYfCYl4JOz2x_vOa6i4YdrD9HFj5rp-I_T9WnEjwlCJWCkoU2rsFQuIzoaUyijtx1MMYChfNpBJctY10EwshdoRMCV12KkZRxZ8lC4nJUQNsaDpx-8Y8X_O_furT5xrJc68tWPrn_au6vbjmx0RJkRAYoIxO4S_Llwrn29NBz_RUYUW_jJtV8Y-qobXcTah8SH90vX0GEWo8o8YLqmyyQ8kEhvixxhtcbG3_JqB14Xm6RKOPbLP-0ljZ9peCwvcY_lTE0Bk8s2Ji2qNA-IzHN48aIFvRdMUy52aW0oWqtDxnUnH-wyJVfkNELKOMMTKGIN2C04VXfX4q569Gov-wtCconOCETHHIOdlGsntE7HVAtOPBmGuqzWId1hgqK8tMQcYeVo9fPqI_GQr30MAGPW82yTqNrdt8gw1LA8qklu9FcRRBvlP6q-0KPT4hqzvTZoOrBY__Csw_mmshhtOSPLPHFlhWlYu7DlUN2bHAvsCX7YDxBEH1EafhwtFRIxvgExh1ynqCmYO1lYSqbU--UwRvbCFufg5dzH0tnSICsjvbwZHWg5YIPX4RgW4mjP-1Ak4mPdcv3NNToxkAKe42zqEJv5UFFxouNqvDHrIl3S3kucEfkoo2qcISK9kdfOa5TJj1LffoX8TO_KAnn2Cc1h-pPsqHnUeWTLhPs5ZGQolRh_I1yJgOmZB5RlLU-iUH1jNtWIKO18CRQ5RQ6qVyzl6bMo7Jzb1MkyyntxPFml2mFX5Z4DPw_6LgGxQdZ_7Nzeee2nC58ORhocSV9Rp6flqwshvOBNzieCxlQHeEEjkkVOZfZ8QPhplMa6GOC-z7-2V2po1GFWjCaZX-b_mEtR5vs_Jdm7tHCUeH-pKNNL3E7M1pBhuwjxqCAvOaoB8aN46F2Yya3lLWebC0wGRK1dYvbZP86m5xbddnrGO9Ifpfl4VLE1zpT0SW-yHU50DvQnECLSEWiAbKt0Jiy5H5Q-oUcQdatfqZMu6r4NW-BEnV8eozUs8OtEdx6SHIVgFTt3PI3u_Jw0Iiuas9Zcc7gmr0h5YIxRXF6XLbIKZo8FxgyK4bfi3v48DKXcFUR83f8k8Rpwg3rB0RZTB72Rd-lUd8D-9fUd5a3iPSX8RiX40oU-Xt8U0vZooR-nsfiA5-hLqtn0J4jLdjqmcN-t9i5i7lFwCEOzU2s6Zpn_rFl6rxUTIPkUFWdOT2n5Iz4GPaQjTf_xSA4VPyc4ukSJU6SaQbk7JN0MvAmH_0NQaYD72vJjbMEJFvu33jrO66j7Kt1kNlEsroORSnsFdIcm19T4VyKvBfsRMtudng-W8siEASU3zz1Yrw-Y7uS_039AyeI0Pe_-vsbj40vPCJFRHKcnoNCTfIQzQRVQrTmy6btpkVbxwpm87mxsympA7md35DyyQuAiLXHVdqPkOIT2lAzwjpAr2wuCns3D7uU7lhmQIx_04r6O1Qc0w5d7LYcOrAMPnixn8PeN2I7HzEXJDI4uhTsVEn_d4VkARwixog-oi5R04txjQI47OpQpYLLnLEULyZjBelos9KvSM0V1EPLr_2E8mkqPV2QUpw2cujlPYcJ4paURW7tysP1y3F3JLPTXTswr_Lqffl23kB2QpVSpsSJPT3dpJJz_W8NBMN2LnrQrxkpT2dbvpawhy5WAAsjklDnRvOav1fmXNAS5gkv3LRyZVgILy9H4XkA9lwbThB6eL--ZpdenIcvBhmvFV8GsAVC6kBJYb_CnYN7r7mMviStmgk1LStcBViuAcezqNrIa6KoPQvNDYmCcV2BbR6TowUwwZe93iTZwaXPZ4_sNNgC5VNEv104vHywPHSwfY3ZPivgWDns7K-Ombt6h41V9B5UWqRS0jkiaDCmN9CzkUPMCJmz3H2YWjvDpvpOZN7dW_BJGi8mIMftk4kDDALpoKM7_xu0HXhLCdOo-cSXuwBOOBZZ3itV2yLlP4p4pK_cLzGvAHwfQOq-QMp7PqhJXUSflXCQyLtZ4G5P6a_iYMW5x4XeMScCIA-Cg2GrM94HcoqUtR_fqMJk-N_F98C3BN8LChLtFbGwom54n4xSK1GJBkP9WpHsJq-Jpv2BrMCXyDSeE-9qN_NSg6iTNBEvsp-Z5QR4t2hh_y8REjTGO9oo18HE9FHko9AIPiZVkLRaDEWyoTo_COwhhPEBr6IoGy8DtwQDvRUyf7nOO6LefzM12jAy2Nr7JUPVn0btqd4RMHSvWnmDXFXdPf6_mT-xJc5-kf8sBAyiwAwALWGx71rMVmLsZu-GR2qFzIKvlLJd1KHhXL4LEc55MkDpW1TmOLYFY-ETxtHWSBtjrITdaE6kbs5gtfrWtGwfz1H2etOgKd4Sa0G_3OnNXhmOy20rV0zvtK8blb0ZROVAoM0J23w5iITWZEBTztruWT2hHwO7eccW9BN6mM0UGLaZpN4dvVqTblHOMXPiHkHVbgVVgKb5zka7S0cOE5p9Yql40mZK6_uBfmy8KoMYcbhBno5KS1gJXAHXHwYo_3ediMoS6VrHzvCzAyYop059Q4-vP2VoKdVCGBQs1Kn1gZ2VXE5ljLIFqhpZVWBve_obo-CU8hB6g79Eood3rwfqMQB-lrdCeWRjbK9FG4MBnxn3sSgzTRcGYxA6LYnXXDpC1X35dg6ouRodPjOhyT5EgPFLvTAy3adu-yjhYFDaOI64nesnAAHZOlfXTQK4aDFiM-lpeuStNVCk8Zuu0yQI-5-iBUO_M7CkRHhVlrQSPMH_5gEUkHOZMcI4vNnxxTLKnIfBRDEmBCeFrWPtntLakebPKnEB3kYC4af5XeR2bZm7G2swsP-iTutdFhLWE_aWuDIQUosOlqxqonwVx3byTuk-Guk0uB-Nhk3WsCfkUNeSFq4NflxKEj9hhHWgSIxfyqwh_kZQVxX_HE3WUfe1xFk_iTzc9wLGe-j2z1tN2Ey6Z94vlu1FezFWQvp0YCd3_ooqjYqtmdnKFA0LSsy0&cid=CAASJeRovvxqmAmto7ZHO5NIOb5ZSa4avjcqokT_T5UjxWmTn8q6lQU&rfl=1%2Chttps%253A%252F%252Fwww.ensonhaber.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11782
x-xss-protection
0
server
cafe
etag
11425859616848618248
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 16:33:39 GMT
truncated
/ Frame EAF3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d80a4ce1277e73f62653ce5ef9935a1c1bbbdc1a4a147c729440adc8ad34476

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4
static.criteo.net/design/dt/2000/220429/ Frame 196C 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2000/220429/f691ce07938941e899a1e1eddda867c9_16x9_video_usp_vo.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f49215a65fdf2e4834dbb698e6f87d3941a7316e8db471f2d0d307cd02bc4e10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
last-modified
Fri, 29 Apr 2022 11:40:29 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"626bcead-23ac33"
strict-transport-security
max-age=31536000; preload;
content-type
video/mp4
Content-Range
bytes 0-2337842/2337843
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
2337843
expires
Tue, 05 Sep 2023 16:36:39 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A386 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
383686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrlWlICQ0KIQbMRIid%2FY7g65suB%2FKHs9GHUq759Snd9sTYfFraUrpwqykvhmYJGWi0ThQ74rE63jx1q0cpE2u%2FeuVOdbEdXIE1rVihpK%2BsW4Cs6DJDsanOQG5R3OzLRFL66la2n8wfXvCbIzJFmGPmAJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74899570ef5c9067-FRA
expires
Thu, 31 Aug 2023 16:36:39 GMT
animejs.js
static.criteo.net/animejs/ Frame A386 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
9af63da692984f7884d89dad36906685_makeitsans-bold.woff
static.criteo.net/design/dt/ Frame A386 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/9af63da692984f7884d89dad36906685_makeitsans-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-e7e4"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
static.criteo.net/design/dt/ Frame A386 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bb3faf863f1b470cb6abbfbf9cd4e6c1_makeitsans-regular.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 10:30:18 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e3a993a-de74"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
img
pix.eu.criteo.net/img/ Frame A386 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F200316%2Fc7db8369314c442a8dd94287a8ff8fb8_square.png&v=3&w=356&s=rkmQJgAi0ArHa2aG3wDTcpxI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29575527
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24954
expires
Sat, 19 Aug 2023 00:02:06 GMT
img
pix.eu.criteo.net/img/ Frame A386 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F7c7559c4-fd7a-4c85-aab1-9145df5e7a88_5c481e7d-00e6-4d84-8062-64732364c3a5.jpg&v=3&w=400&s=_VToQFvCTUq3z30l0kYWpL6Q&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
198a88c55d054c510c8c5787e7a11c0d980408626d8d2a8b40c3219b09705523
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23552
expires
Sat, 10 Sep 2022 16:36:39 GMT
img
pix.eu.criteo.net/img/ Frame A386 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F2068e3ba-4d7a-4e08-8840-cf11ad22acfe_1c1a9faf-680d-4ec6-b56d-912d15eb2d6d.jpg&v=3&w=400&s=8GUzQSmqA5sZTQsxdhBE9xMv&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
14bd20afa2c4c831d3897367ec0da9b84933e2fea3a7555cb6e44ef48b72ec38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=933453
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26058
expires
Wed, 21 Sep 2022 11:54:12 GMT
img
pix.eu.criteo.net/img/ Frame A386 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F86e6d62b-8332-43f8-9cac-f1d287bb8fcc_01fe8fc4-0e83-40be-9241-841bde6dceaf.jpg&v=3&w=400&s=c5NoBCCXAY9Gi6jQ1k-EK2Mb&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
2f2c5808d5b011a748123d300c0968233b5dcb935d84b68d38e307d74c27df1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=473345
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
35236
expires
Fri, 16 Sep 2022 04:05:44 GMT
img
pix.eu.criteo.net/img/ Frame A386 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F6a5ee6e4-9fd2-4cea-b7e6-0a647d134747_a5aad174-e773-441f-933b-712761dcfd52.jpg&v=3&w=400&s=4cqnwuXrQV5NE2el73Wr1LNV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
555b02b319dc84bc1b0caf55a6b7b1c0f67f23fc1053d6c09cc322663b73b48e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1136008
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
14702
expires
Fri, 23 Sep 2022 20:10:08 GMT
img
pix.eu.criteo.net/img/ Frame A386 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F11faa3dd-7c1c-453d-bc0c-0e58e3efcafa_84852f00-52bc-4dcc-8d9c-b55bbf88afda.jpg&v=3&w=400&s=KaIcc4i7MADcc-tFyIUxaVrJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3e0e99c1a51d63ef063dd071c7b1c74e5ee30a94178277e1bc14ff65ae95e6bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1183040
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
17122
expires
Sat, 24 Sep 2022 09:13:59 GMT
img
pix.eu.criteo.net/img/ Frame A386 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2000&q=80&r=0&u=https%3A%2F%2Fprod.pictures.autoscout24.net%2Flisting-images%2F0d1fb333-7bb8-40b6-a35d-21b30990dcbe_b010f962-8e41-4285-bacd-fbff2c7fd70c.jpg&v=3&w=400&s=idb_-86-Oex25T5Vp7N6FiWS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
307344029b5d70bb3601e400cbcbc77af2e10276ffc21cf896ba235506d3fa98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1034090
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
20880
expires
Thu, 22 Sep 2022 15:51:29 GMT
img
pix.eu.criteo.net/img/ Frame A386 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2000&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2000%2F220429%2F6a0067bf4afe49a0a7c182dac5a60db1_img_square_1.png&v=3&w=1200&s=pNOmrZZfv90uOeWgK3Pz0Dmc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30630324
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
136144
expires
Thu, 31 Aug 2023 05:02:04 GMT
all
csm.eu.criteo.net/ Frame A386 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6hbmSjFJN_5Rv0Q3IMc71hdLV3fyhca3FX8Lu3cWM5DdHovoViY8DlgyUa6HFgiZWXNdiMq1nNC-oDWlRJwiJvh5eHHNQRV5itFIqslcRh5ItiNyvqAYMuM5jtrfkn2DbhsXWh-bxbZLD8KQcfC5NnLcApSuQ6fnJrsY1Xx3TLURMn7Z_X9_OSKQSUz4skuEI4tmEYUmYtIBWNyvRfhjbbEjvp_DxPrHq33snHaLt0-m3BHkNgVCE7lh8UVFr_BSw-umFQ&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 16:36:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A386 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A386 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAOs7kIu8AoAAdqkxC9xWI_NIYOELATmQ&u=%7CdghSOyckoTXbJq3JDv%2BjWATmgF9oM9tBrxJ775ww0s8%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PMF3eBd2Mc1TYe_IyhmIEHsw7hj8snQ0gugWfYuY_4s0fOWSQNqc6RSX3ZEfEpb45HPCVWfmMZGkfz4wgPOGxu_gEuNXF5etaCxR_M3_FYkRXNWS0g_-OIFWKgYHpFGBM5I3bnYv--DqQlTrjtHY5y4pXxC61i1ah_ylvDKF-ShuScfqfqdALkW4eiX_dDnws4L_mF3MrFzxqun2lLl8rm3hifH-fqvjhz2xk9OSK8xXEjKbR9HyG1f4dokZpZHG2fsQtlU-JAeRsT0QChC7zT5NW6Arn44WUmhS027IS49W7R-Op9w8tbqfqKHIMu52w7nCnTVszNLXlrxk96FsUI0bSMmL9sGdmFNW4BvkRpJ5MvWQXJRrIYTWgPotmdmz5P61B6ePw2f81wiGh80Y1b1Rz2KcwsfwbVhWm0e7HKzWU1B80eReI3O7kItZi5Iq2Fswmcb5QaYlnNuHDRE7H6bS4j2qJM0SlDuLS-m3CL70rhPWp_F3_Jam9yQhxLreebJ0RqsCR1wNXZ_o7fapgObP-DHtv-3rEet5PXt2bJ2daxj8RsBNmT6JffJHd7uPpXY_aDcWcO3gBtDu0cU9v_Cq8lHlF0XTIQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnnwxFL0cY7nnOqiA7_UPk9WdqAfJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEkgJP0Ou9U9WdNNQ6uUrZBo6SgLHKClZoC1RQ7tjj8WRu1enaoTryZ4aJHUyke3i6hH8x5emNj9T7R5QghTLVrocKLwnFaKfFBnkkNIBd7amVdIx45iN2zUVHGixqdIf3PuHWoatQCMdHPEcZXwJnJP-2eOPsbacu0V-m57tq69XS50Zhv57e64K_PnQlGC0AeM8WxIEVAeQMikEL-ndi3JbWNIOsElQegCLHTpdN_oxynIA1vdNKWJDLSe3OB489bAdwVuxrcoPVk2Rwg2GKcUof3fkI5DNqEsuaNqq4gWzw4hpJf4KHvu0nA6RSNFt597Cw9zqIJClq315oXnG40QBL1cHG2NsMZn18n9Tssd2kUfK-4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2xip2w3CNY_LiQja6VJef35DwZwQ%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 16:36:39 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 9DB4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 14:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 14:39:12 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9F4B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 501B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9F4B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75f2254821b1ddd7646b7b47b4a63f06a59aae60387087d812be2fb188640c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 937B 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11729481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22890
timing-allow-origin
*
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJdIJwCro1EoqbTw8IE5wZB08rfubekEMetTBM326bl6tJahFeCW%2BoKvhg2tCqxAGHolLM%2FCMZQv1cThA9qCHisanK2PRaAwHCEeI4rpm0gEUQGKTjjaV%2FZE4albIgi%2Fevy%2BUWmnolr9rtqyhLuBXYrD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7489957219139067-FRA
expires
Thu, 31 Aug 2023 16:36:39 GMT
index.html
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		101 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e69ec8f9a7c99835a937757ad1e9b4c7d08ef7ed97320c6c5787d35b128d0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80714
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
25115
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 18:11:25 GMT
expires
Sat, 09 Sep 2023 18:11:25 GMT
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9024 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQsaOQs_rqoUqaXziERUSNnoPl7kVjDVGxP19x5dlugKVbGBG-YLOtk1QJPwTObZLyatuzO5aHSkPZrOeDCUPm82WjUCSFziq4kG4quqY7WtLcIltDbbo61IJT0mlB_Q6N1UkQOgp8UTTFS32Z8NmuQTXXI3LiZlFUuaxVsxRlwC1_joss6092duX4Q5qAPEoX_YcrC-I-DTKl9VQSfFiIyj3RvDFddbQB0MseFIjJJiArgixiFq2mYcce6t_7P6RKesJQb2z9Ol9IfLnu8RwXQ1TRcQ1wxjobUznZ4wFCy948-YXVSEhya_B61CW9imrBclK2U91Dx41iwsSVWjwhATXkq0D7ufU1HC3SPa_OdpxBfMYHWcbajLMaXc8pzlB3-xPs7zaf8g7JLpAtLj7uPALK7nbByLaEyJCqU5qG52j2Kc-MshVwk9tviFhLnMfLv7khDfZNTNGS78YdD3Z-zxjDgroZRb63qGR1P1fjRisIcxs9OlGkSC8ZrSUv7kAuexh1-kfBEoBJQK9Unt9EY8LIcEm_jTeikggGwG-xKoZFgwkX3jvWW12SXJbdNajtCxqvVnK66S2zI_nZeC7Ig5nt369ihs5dU77Atbx7oVpyMpUMDbOQdsKRb0NZKYj8lIRibH0C1xtvbAVDbayRaD5nwJMliRtNKOg1uVBOPePoBsIrN6URPQ3Uz5HsyqZMFCRvF0VzfwPIfD4LVVECFoHf-HeBTXE3IoV2vp_J4gGDrV9DT6skdxKEd4nraSIAnInP4hXnahfVn0b4xGhaOGflFn9AuWXQa1zGGK1srTqAwM0RxJxRg_q5OzzE0GvjQmxT-Zq7UcrBqBmRKHjoGz9xXo_Aabx2yFqe6oWY9ZUDh1PLdSSkJfRiVIFuzIE31ABSLYuta2nw-epL2TosuFjUYRztI81q4npA75NhtDOnDCtt8kF360IhaqMtFHY6s-kJvByUdzaNFJaeyeS0_CME3PL6VvZ4vciC3JF2w9SIQKN5NvfMYFeCLWbh0G485N2yoyPx647_ySJKK8MEH-tkhIaqg42Yf8NaCf6pJMLrRmDIUR1E6EYrB3lE0YiiZLqTU313zfUhZ_cviQdZOEMHkNvaq9X1r2wtiWLDTlwvOUyZHPdo20QwX3YSkqEGC_47OoLuY3ABoc9nSKobtp6KAXMw6l7kpKgKhEKK3tkS1oNAjjPrWe3R004_-zwAZgytRNVVxyW-HqusZwvvx7QQDjIW3Du8PZfP92Fz9epMUGo9f2bi5j2Tioo_vQHsc3U5CHvqMioojYHqwT_BYzV5LS2EU4xQxg&sai=AMfl-YTXWLbGBJosco6hWnnWk6NIxxB81_DQ1laG8GScmwLfQUwYc6efRBipUYTnfIWmPiAMxV44ri-kLhJtpWYJhmU5U6W8t9DRdV3PK0O-Vcxz500bpe8vv1nTiWwMLGAtKbXokFSwqtmOxyz0xmc48oilH-BTLmWtRk_dUFW5Z6B8vu6U5pilwcGAcTJ_RnTmNjyU8HrNkBVE5qQ7QTYETFZr&sig=Cg0ArKJSzMbOYkjmpwbfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&cbvp=1&cstd=490&cisv=r20220907.48468&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 10 Sep 2022 16:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.19.8.347.js
static.adsafeprotected.com/ Frame CA71 		193 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.347.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1171896/65674243/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5416216b0fe28010c8cd584a8385540ad3752bf10b51313a2cfd2a34a68bc1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 20:15:30 GMT
content-encoding
gzip
age
332470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 06 Sep 2022 16:08:06 GMT
server
AmazonS3
etag
W/"e927bffc67fcecad60e9746daaea058f"
vary
Accept-Encoding
x-amz-version-id
QooUCynUyoisOuMsBpfQ7BsIRfzSsh4_
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
gXHwKa46Uz2Mhszcp7WZ9fLsiJXxCMqyvW5H4eguh0GaIP5L4rFQRg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9085 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
117942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9024 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BB87 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CA71 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Sep 2023 07:50:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9F2A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
39873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Sep 2022 05:32:06 GMT
etag
48472445140208031
expires
Sun, 11 Sep 2022 05:32:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CA71 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19896114915aa8f06a3d91bd73df159682b34390574e3ded71f66abf5f918ccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9024 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38db0cb0e815c249f55f1161112b800fecc05036da4782d9eb71db0dd7d6b9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/ Frame 898C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72c193fd04a259ee2e4a63e6176a1dcdb7ce0974a2eda02a316b4256e0e0cdeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
465361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1898
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Sep 2022 07:20:38 GMT
expires
Tue, 05 Sep 2023 07:20:38 GMT
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CA71 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_AsbXluyw8ZklnnmjKA7Ey0Dy0fpsysGsJ2CJm5nQ-YVTGwbzSqtvB99qS-KBJxrxKYPVcmlgwTTobmHS3apmcyD9ZYJOHp-pjjJB1CT5SRtWMdoHKD6ggrKXktCMbNfMkk7j2OYAqV4in4cGylb8v4szXleDlhNehwyUM0PyuWpvGgNFOrfEtOBjsFP7ftXJQkmDfEget9rm3WfYbn02jq_hj1f_Ovu6ZR7dPoDEE_oPofHV5WG9kPviJS1H8rvpKXbJVBcBsM5WB8N5FWFR_HLRRZhzS1so9dNjFdRsvVs8owBV7wEMlI0EU0nXTUEL-evm1IhcgZ7K8t42rSMoxB9lFzjpApxi9TQ7iReqMKii1xFyFcxNyR_MQijMvkwXbOq1TPwFtxNpCoEKx2g_fynZ9cLgpfWQWLNvYaGMhRq16tviHVKQbocdCnUGlqlye5OGyNWLZqos5rLqg7DZWIWuAK8MZEtpfe20n-nGu86CYBB5oLh31pqRkChEal4NUnan2u2NCfd0IZcGamhO9m9DyvcKJuIZvx2pEpmrM9Koweh7lr0TUq2fzHoWF8Z9A3Div_tgxttTMwkY3I6ojEAICrSl52LZNXorKzXWYi-lVribVOWvLs-Ee2awCfnezvi88inAukkDGiXrybmB39b8o4vzm8sxh1ZKHPO6gIizTqbbEOPhxCBI960xVbZNh7Gu_CyCJK1wA0cyxm3dUjo8zzLPUAChTSc5J_qvDrIEWUS_wPNM3aS7Y1lr3AI7R5nh4cX9tYKbed6jYZ7viwRQVMLOJ37507O_IDgQpLwMSb28KmV-xuzZM5_ITovmnDsCRCdZExxqy4yhQJxCXeYKMguwiZHsF20wMYn9uGu3boyzOZjTNuuxHTP55x46mQW-eLWTV95E2O3RUcNWnv2wYct9-af0bN6gOHH7d7duOHTS_8pTMQWrY2neQ4pOSudj9pQz37AD9shX4B3m5gmlgHTt0FlK8fXGAJj5JLuU2qXsY8ofYFdrausWmQmZ4H-c8boC4EPFXiO9ZVRfetuUhDUklwltb4OMoKXZ_yVD17p-2ZZzqRM-CGAqn9yv_RAEnvMp1ymggahXDfUMRh_RTWoCL6l9i7-sVml_tM46n6bEBPhEgcLzgvrLHFrifjUMD2MlQD1w_Y4dvZtqMNjmJgLoHBGFe0jfECAq4OUfHKnw4JF59sAwayZY1VHvjLhTssdgtohFE3DdZw4a2oF_7lT0E4L1l45tOQQR5KSKN2LGPyKGpt4D2R6iW7eJPoinHgPp&sai=AMfl-YSmaKqiyzvtUnRa3bMeyFyUUt0p6fZGe88U1FzI9jYbEWcAJ-zyQWr8avq_RR6utUTA6l05aUWQQr9-EKj_s2AOzWoYExnFmkYr6dqB-UHZjEtvAu-LVoJARIYD570cQ_gjIc1izDI8XAGOAPMHRdqE85x9o5ixnhN24EUhGM3ieNGTonzEjGc1g0sZrxJRu3NX2audjLGFK-NPaSk_Wc_E&sig=Cg0ArKJSzDJc2jlQtDNIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=640&cbvp=1&cstd=634&cisv=r20220907.51013&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 10 Sep 2022 16:36:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame DCD5 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 21:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 21:22:52 GMT
dpixel
cms.quantserve.com/ Frame 501B 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMQ8deYSMaE4qeXottzWJIQ&google_cver=1&google_push=AehlK4BAoZbU3QqgKeeuYycOc2wvo45AqU8yXbjh9ngVI8NIjcUpS7_ndTkK0jgWvbMuYNQr3qDeC3iLwcq9XLhTSaEhZ38ZaTc
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 501B 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP2AWGzdW_5IVLYuikUmFKg&google_cver=1&google_push=AehlK4CYCd2DTFAchPoBgH5Cqc8eEEmEiiv5HWp9DpAMlbjd67N-KIcY06Nx6g7GWK87vv9oJE20ml1F0D_jCw3eANUERaC9xkG7
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1662827800.737694,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4038-HHN
pixel
cm.g.doubleclick.net/ Frame 501B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJDkn9W2byT509ZpWd4MARE&google_cver=1&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVz...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJDkn9W2byT509ZpWd4MARE&google_cver=1&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM5ODg4ODcyMjM4NjY4NzgyMQ&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM5ODg4ODcyMjM4NjY4NzgyMQ&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVzZBj_LsbZiNZ7QSV3uDY
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM5ODg4ODcyMjM4NjY4NzgyMQ&google_push=AehlK4DJEovsyzTCkBIhiDtkdieurgfEyGCEfphstsTV070npogao-WijXUJylWmuZp5Gi6nvCLGgcVzZBj_LsbZiNZ7QSV3uDY
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 501B 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH5zuilfJeQSXc9p6GByCLE&google_cver=1&google_push=AehlK4CXMWgzvs_6Gn1GKfMthKHo4UX3jT_xIECTjn5fsF-pjLDLhEXkmiIr5fdAkWin-9dyPoCzan64PFO6da47E-hzddGuCWCm
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 501B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEASE1LWUJmYMVFakRMRZS6U&google_cver=1&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMVVMtMU0tRzZXQQ==&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXWLDMikRBOQ0OWpSEZhFo7hq3E
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMVVMtMU0tRzZXQQ==&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXWLDMikRBOQ0OWpSEZhFo7hq3E
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMVVMtMU0tRzZXQQ==&google_push=AehlK4DLRmR5HyJitjis-nPpHUmqhKBuljyXJ9cKZs4VwXGzEKcpPauSgN93NPB5FxXRhVZ2ZXWLDMikRBOQ0OWpSEZhFo7hq3E
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 501B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESED4_Vne4ddrdBc-vY_894Zg&google_cver=1&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzczNjMyNjk0MjU5MTI0NDI1MA%3D%3D&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzczNjMyNjk0MjU5MTI0NDI1MA%3D%3D&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDExMzczNjMyNjk0MjU5MTI0NDI1MA%3D%3D&google_push=AehlK4Ahos3gTFytU3dKKNRZXcZsn7kTL1UjcZc9qWwHoGISdpaoJrWrZt4vFfnkjpZVuG9JJHtfTA4kV_tIrscuc8UOxRRBZH4z
date
Sat, 10 Sep 2022 16:36:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 501B 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEJzg1Avz1BjnBmET-bGFq1s&google_cver=1&google_push=AehlK4Dgs231HwuYpPwPqAnSwKb6igGFV-GDE10AHzcs0Z5Inh4P0llzyQ8tBv6jXCRpy1rv6QbRVlVRrLUMTI_rPj_us2Akq-RH
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Sep 2022 16:36:39 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 501B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iy0S0EP5ZZYGTiB-Z4KbIZLJ6IUUywbcBCYHdqIeiUKYsK8fE26ItK-uwksT74FTRxBbVmfQ
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
K.jpg
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/K.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40e58769ef5895975af8163ae118d5dd1e22e13db057aeb981fe58cdc8fb0ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46419
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
Glitch1.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/Glitch1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f95d87ff561cf39eba9667e263fa1cadc96dd836a9b9b614e94d818f5df8fb43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43285
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
HL.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/HL.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484a4b402a62a06a25f3a082dc3f98248c3a2286901ea59a97ffe82747ee81bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3586
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
HL_Munich1.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/HL_Munich1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30182031cd7feb905a79698337652270afde5ed2cbb2de20e94ca1fd875b445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6652
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
HL_Munich2.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/HL_Munich2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c652db26243cdd0d822e5a11f193c7f38be28d590d51aac6a4772983d1fc25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4883
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
HL_Munich3.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/HL_Munich3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee006501f1500273847c5d44efc6e96f67a9461e63911f61dbd5be3a4c912f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4887
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
Overlay.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/Overlay.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36678f469e5dbf006f43c4e8dcc632a4d175f70cd1c7f8add1a98c6256e1aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10962
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
DynHL2.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/DynHL2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bff76f01afebe871b033ba22af389016b9d57c0336d95e4ff401186cdf81394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 10:41:58 GMT
x-content-type-options
nosniff
age
107681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2134
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 10:41:58 GMT
CTA.png
s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/ Frame 937B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/images/CTA.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89058cf3d1914bb7d7d5286f79d8de9a868fea9733286649be7677f5f47b234e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15096871318041832961/160x600_RTB30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:49:56 GMT
x-content-type-options
nosniff
age
118003
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1301
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:50:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 07:49:56 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4C1E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp10.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=2740775703158566&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=2129042553&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=D2CA9A9A-5AF7-4752-B732-06BE130A47D9&nel=0&eid=44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dlt=1662827804897&idt=1880&dt=1662827807122&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=1514990427904332&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9F4B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfndI3sVZl5CN1xCSgSdaVxvH2Ez77Ll2un0v-5zozNYKDiPpTUU0uoDZQVePOw3-gi8EcUZxIiJVV8K9vXLAYxGewL0_06tLGnpNFnlYFMb3vnQohPDeMnOEJm2dPzglR8j-f2eNM-Rd_ALY7DHLbfTJa8NkIRN742MoCn6Kv2oD-NFVjTYohD0vQ1xni9BIEIdzqrfNHy1ElUPpV4OyfeEnsKr-eUHzvvzd90qTPZ4YSm51YD9IYqGD4VxKdIAd-0cBQJ5bYkt2gXbb6kWFvNJCPQDM6Q1f_mzqot-m7xNtJmCuBcohy3pPjaJ9iGmVhBW_mfoff3tEzrNXc60wtbAHirmu_BuAKuBxCvW-YA3jCqamLzf13lxIpcXU5ivmQYG_zpmiVFWoLK-Ezhg1czPBKPBP9myPwQOvtnvVgl_I_54iYi8r6ttvIuyVVVW9P6tdhQfzD3ers3-8eGOknN3cMh1TWz5MEhDPRRUsOSCslb_6TptzJN7rjVUstyGwZkcWw9hfR5CG6CNkfoLHbfvVjFpFh2FxeKcHExOY551RmSwUcJLvwxRVDaSzpv9aWyvwisA90vJ-8MeXYcQNU_SxQe7LTQlqlWCnnjEm_jm-_ekIWFmDpD9z2_iDeYWyOaboi18WnuSql7ceRPyBg9yIuHQfKdtqVfB8Luog7ngN-oV3mM0UnpB0iHpxRs6Sy4dvIIcz8u3GtpfQ7LtePqD3-C3hh3nGrPJMN_mf2jZiVVjS0C2MeuagnrLaHPykM_3ExFpQDMwT-RrSMh8gMJNIuCSKBtJthHvbaPxRCfkclBu3SXrgT52-yWwwH-MlHOh8eam_nESWoMhJIWiHHWHMN2e2yo-AaEiqj13ZOtdIPxCH269R2P47u9HDSBDW2D2TlVYo1SFKHxIdbkeLMLok17TJs8Wn5ORkuMreX52xQjeedJh1aWjx4j-A4T4bu_IA_g1QZbX1RzPCAvFWWLR2vrSVfFqdVhvYITkoNPsvAk8X9zG4T0B7hYbexoa693ADBiJ1x1moEDFSFpOV8KuQYPt0AYsyGdcoXKm1R7c-3mdkRp6JPPyDmGN4myqzzFHAfS233zUEs51-Ze281P4VkBnrSGOwTA1_semtpvVJJS7iqba4exTnkQQE5hpIVLzb7LAQ-0rdwa-Bd4MyZDevmLXZeSbp6qKUj4DdorsXrzCY-ZsJMHnWYL9sOHfKQnBY9lMKjMczxVnQo433aRrTrJ2Jq0TUdhHWLbVsEHIjdpfHwWTR1zDN1gtfYaK5mchmc7VQjjROJj-YcNVBPm0tzb-wR5m3_Zjc1Z6dLnaieYqEn0y5CTo1z&sai=AMfl-YQr236MdcBmyg-JC8bEA6Efe1zsxYZapSykWPikG5VhO_uzfrJlt28DCt5UliKqa9_WQ8krs0p-c_E90x_y07u64DKGaJWwhpCedGjwq6xjcZCqOTZirfd9aY0g31TwA0qiVH1TcybVz8o6KFv9V0XgXVTVOt1CtwRLxqU-kVMtFLt9QNKnseWplVaxgFMjJQxupLFXvxw0VqSEs_WGkyzn&sig=Cg0ArKJSzBv5bAiuEl7nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1406&vt=11&dtpt=837&dett=3&cstd=551&cisv=r20220907.62488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 898C 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:39 GMT
script.js
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/js/ Frame 898C 		3 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
261d64c4a04df3fb3a68d5addabe393c4578e079706a30605524f50ba363c266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
904
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:34 GMT
skeleton.js
static.adsafeprotected.com/ Frame CA71
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1171896/65674243/skeleton.js?adsafe_url=https%3A%2F%2Fwww.ensonhaber.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2d4e84bdee6d2512af1dac44a27c3c82.safeframe.g...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
age
17894317
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6NhWytblWFaEoiG4sAyeR6ujFJpwKIOYVL5N0FgJIhBjf2ppdjEF4Q==

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2F5E 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10137726
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
liOVpxZSwtEGhOCs2TT-w5cJNl4CnHFRJAoHl8EJx_Rw9PZ_nXiFJA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0232 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
117942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5656 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
117942
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Sep 2022 07:50:57 GMT
expires
Sat, 09 Sep 2023 07:50:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/VolvoNovum-Medium.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:58 GMT
x-content-type-options
nosniff
age
182381
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39068
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:58 GMT
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxotY,pingTime:-3,time:426,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:426,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxou1,pingTime:-6,time:429,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:429,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.ensonhaber.com*&br=c
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
google2waycm.netmng.com/cm/ Frame BB87 		0
0
pixel
cm.g.doubleclick.net/ Frame BB87
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPW8UfzB5oYVuVn5GPl4mt8&google_cver=1&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLw...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLwfVhLEZ7hPAh6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLwfVhLEZ7hPAh6
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 10 Sep 2022 16:36:40 GMT
Server
MT3 4505 5b23575 master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AFR88dNpGOz-prj7AQQyRSVS3Bv_ZaaiMG0WVENC6IoSYQLqUtyJFuUy_D13VWTOunFAT2wL1L5ALQ0HLwfVhLEZ7hPAh6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 10 Sep 2022 16:36:39 GMT
pixel
cm.g.doubleclick.net/ Frame BB87
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBOp1ZebMAbDq5jBR12PQtE&google_cver=1&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4B...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4BlIP8giCAjXpCHjYSe&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4BlIP8giCAjXpCHjYSe&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BR29f3eD47tLqFrgjsjXarMLOmahv-fcFh_N6Uw8mP7tvA7UyMKCzVZHQmeJovpd4Q4lSGFimNJ4BlIP8giCAjXpCHjYSe&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame BB87 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHCiNAn9Gupjg09dics1mHs&google_cver=1&google_push=AehlK4DAQsrANvK7M0_go_BGdn-aKcOOwp50ZvZoHJksY7_e1QDV6TGAfkJjhUeknxgAgdBglETLnTf-I9zSlkE2ZCtl2Rcfqrg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0so407n47emdduucllpdareqm2crrdaj
pixel
cm.g.doubleclick.net/ Frame BB87
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEDu1BLdcsaTKUcXpIH8p8iU&google_cver=1&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEDu1BLdcsaTKUcXpIH8p8iU&google_cver=1&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ylz_AbsjRbWu2axY-s83VQ&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ylz_AbsjRbWu2axY-s83VQ&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0AqbHr1
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ylz_AbsjRbWu2axY-s83VQ&google_push=AehlK4DxlQd1rnFBfDZPzo8gZB_eD5mVKossa0KkjWhomlA1fq9xUjDKdUjJ4U8M1DzSSlc5ch2_ETMf_WygeA32ChelT0AqbHr1
date
Sat, 10 Sep 2022 16:36:40 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame BB87
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-ef68398b-627c-42e2-a809-fc87a4c72628-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BpGpLS8zVF38SjK5-O_...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&google_hm=A-9oOYtifELiqAn8h6THJig
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&google_hm=A-9oOYtifELiqAn8h6THJig
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BpGpLS8zVF38SjK5-O_lhAc70NZS3rOMYOB19D_zrokykScYuUlAMQFjFZxzqNqjLsHFnl-csKnki6nVq-jKsb4t6gPAs&google_hm=A-9oOYtifELiqAn8h6THJig
date
Sat, 10 Sep 2022 16:36:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXef68398b627c42e2a809fc87a4c72628003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame BB87
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELcp_D5xxPyAnKyov64J4AM&google_cver=1&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRWug8Od7CS-SJXmVAZm...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRWug8Od7CS-SJXmVAZmTN73Ue0GEBI_uBfFyg71zsoz99GA
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FWGF5REdkRTJ1RXhyYVZ6Z0hBSE1kdXhNM282VzBoUX5B&google_push=AehlK4AyKNgW8BN6MRavjga116iZND6g4CE8jmMCAug9jR7BO3ay2HIRWug8Od7CS-SJXmVAZmTN73Ue0GEBI_uBfFyg71zsoz99GA
date
Sat, 10 Sep 2022 16:36:39 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame BB87 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfjJomSkz_TwDpi5pOcKF-qEALBtnf-cdhuOs-mPBmyi9j0KNsjiL8xojk_6dohf6eX-fBWw
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
VolvoNovum-Regular.woff2
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/VolvoNovum-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:52 GMT
x-content-type-options
nosniff
age
182387
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39156
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:52 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9F2A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMvPXSEWTZCTy-f6fhKQflA&google_cver=1&google_push=AehlK4DiaiA7XlgyBG4bIYcI1n2nuA6svWkEW9SIJaQl0ltMWYTEWyhYsN2qoGkTUKIU1diTHVpH4gIFI-oFbA5fGLWZyuT73yQHtA
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEDpji3umjWM4wMCdwESCrEA&google_cver=1&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKBtVFovFPPJy31NKw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKBtVFovFPPJy31NKw
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 16:36:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=78FC73AD3F6D42539EE088F1F6092646&google_push=AehlK4C0wwCD6lsfaBPf_f3RULjdNtWkCL94smFvjV4JRCK4EqxpFGybc8ntZ0MGqdc6kpYBCKSo9EEKAV18KKBtVFovFPPJy31NKw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Fri, 09 Sep 2022 16:36:39 GMT
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBBTzq-WmhF08VzqNAyNs7k&google_cver=1&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlRb1O8X786NK-AUQpIX&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlRb1O8X786NK-AUQpIX&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4CbfgoU0v3PRJzYKntoZsvP9x0R93KZCBqrgBv4m0ZZ4Awr26VdcYea1Dv2LqTsd8mnd206yzSbKlRb1O8X786NK-AUQpIX&google_hm=qIJnFOYTT6SVkgEuZZUo7Rg
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKatzPh4moD81GkSnb8AwqQ&google_cver=1&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-3HOH2pQ&google_hm=NjY2Mjg5NTEzNjc5NDU1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-3HOH2pQ&google_hm=NjY2Mjg5NTEzNjc5NDU1NDQwMA%3D%3D
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 16:36:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AqwhOXReoylGQ5AQkduR1vckx5JIAbwGXZUWhgQBHoev02pfXEM6GSVBcdGeAZBehrEvzuUvL4GwjyRY9E0kH5Um-3HOH2pQ&google_hm=NjY2Mjg5NTEzNjc5NDU1NDQwMA%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI4m-C9onOcHh89OcLoQSpQ&google_cver=1&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV0d...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYyMTY0MjMzODk3NDc0OTMwMA&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYyMTY0MjMzODk3NDc0OTMwMA&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV0d7Na8jH-AZyoFNB5R2Ct3
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:39 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjYyMTY0MjMzODk3NDc0OTMwMA&google_push=AehlK4C4-VM-PJKM4M0AE5SBGHzATtQBMBX1CxNh_o6K-J7_-qXFhxzRuk7rc2R4Ot3Ur0v49Z_eTV0d7Na8jH-AZyoFNB5R2Ct3
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJJIDPiiuRF9dRQd_z9bTFs&google_cver=1&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wr...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMWU4tVy02TEgz&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wrV0syrIKCO305dZvsroqcBUYKfxw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMWU4tVy02TEgz&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wrV0syrIKCO305dZvsroqcBUYKfxw
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdXNFFMWU4tVy02TEgz&google_push=AehlK4BhgSziZBMthNO-5Okv0HImKZ96XysN0mvHMn8VjnfJ-kO4sNyL_Me8zt7Xd5dxV2ka9wrV0syrIKCO305dZvsroqcBUYKfxw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9F2A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEODg_DdMYtR3Ecya-oR49ro&google_cver=1&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyHQ_Z2THZpyj8&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyHQ_Z2THZpyj8&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 10 Sep 2022 16:36:40 GMT
pod
X-Sovrn-Pod: ad_ap4ams1
location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4ABehS_fEZMzEQpmPeaAjxb6lDmwAy43KZs7NROYi_EVMdmkCQAkmDiu2P_w0DPZzpPBTBvvAJCbqzfmlTyHQ_Z2THZpyj8&google_hm=FSzEsGZHa1qqruMqTj6ExZQj
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
access-control-allow-credentials
true
connection
close
access-control-allow-headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 9F2A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwUFC7JDiETz7n-SyYoEjWhNtunba5nCRyA8kJiL0hotYYfsQQN3eZIoh8OaB00DgTGy_S
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 9085 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 14:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 14:39:12 GMT
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxouO,pingTime:-2,time:478,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1289,bdZ:1404,beA:1761,beZ:1763,mfA:2117,cmA:2118,inA:2119,inZ:2122,prA:2122,prZ:2132,si:2139,poA:2140,poZ:2156,cmZ:2156,mfZ:2156,loA:2189,loZ:2193,ltA:2239,ltZ:2239,mdA:1763,mdZ:1811%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:478,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B119~0%5D,as:%5B119~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:99,readyFired:true%7D&br=c
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 9024 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQsaOQs_rqoUqaXziERUSNnoPl7kVjDVGxP19x5dlugKVbGBG-YLOtk1QJPwTObZLyatuzO5aHSkPZrOeDCUPm82WjUCSFziq4kG4quqY7WtLcIltDbbo61IJT0mlB_Q6N1UkQOgp8UTTFS32Z8NmuQTXXI3LiZlFUuaxVsxRlwC1_joss6092duX4Q5qAPEoX_YcrC-I-DTKl9VQSfFiIyj3RvDFddbQB0MseFIjJJiArgixiFq2mYcce6t_7P6RKesJQb2z9Ol9IfLnu8RwXQ1TRcQ1wxjobUznZ4wFCy948-YXVSEhya_B61CW9imrBclK2U91Dx41iwsSVWjwhATXkq0D7ufU1HC3SPa_OdpxBfMYHWcbajLMaXc8pzlB3-xPs7zaf8g7JLpAtLj7uPALK7nbByLaEyJCqU5qG52j2Kc-MshVwk9tviFhLnMfLv7khDfZNTNGS78YdD3Z-zxjDgroZRb63qGR1P1fjRisIcxs9OlGkSC8ZrSUv7kAuexh1-kfBEoBJQK9Unt9EY8LIcEm_jTeikggGwG-xKoZFgwkX3jvWW12SXJbdNajtCxqvVnK66S2zI_nZeC7Ig5nt369ihs5dU77Atbx7oVpyMpUMDbOQdsKRb0NZKYj8lIRibH0C1xtvbAVDbayRaD5nwJMliRtNKOg1uVBOPePoBsIrN6URPQ3Uz5HsyqZMFCRvF0VzfwPIfD4LVVECFoHf-HeBTXE3IoV2vp_J4gGDrV9DT6skdxKEd4nraSIAnInP4hXnahfVn0b4xGhaOGflFn9AuWXQa1zGGK1srTqAwM0RxJxRg_q5OzzE0GvjQmxT-Zq7UcrBqBmRKHjoGz9xXo_Aabx2yFqe6oWY9ZUDh1PLdSSkJfRiVIFuzIE31ABSLYuta2nw-epL2TosuFjUYRztI81q4npA75NhtDOnDCtt8kF360IhaqMtFHY6s-kJvByUdzaNFJaeyeS0_CME3PL6VvZ4vciC3JF2w9SIQKN5NvfMYFeCLWbh0G485N2yoyPx647_ySJKK8MEH-tkhIaqg42Yf8NaCf6pJMLrRmDIUR1E6EYrB3lE0YiiZLqTU313zfUhZ_cviQdZOEMHkNvaq9X1r2wtiWLDTlwvOUyZHPdo20QwX3YSkqEGC_47OoLuY3ABoc9nSKobtp6KAXMw6l7kpKgKhEKK3tkS1oNAjjPrWe3R004_-zwAZgytRNVVxyW-HqusZwvvx7QQDjIW3Du8PZfP92Fz9epMUGo9f2bi5j2Tioo_vQHsc3U5CHvqMioojYHqwT_BYzV5LS2EU4xQxg&sai=AMfl-YTXWLbGBJosco6hWnnWk6NIxxB81_DQ1laG8GScmwLfQUwYc6efRBipUYTnfIWmPiAMxV44ri-kLhJtpWYJhmU5U6W8t9DRdV3PK0O-Vcxz500bpe8vv1nTiWwMLGAtKbXokFSwqtmOxyz0xmc48oilH-BTLmWtRk_dUFW5Z6B8vu6U5pilwcGAcTJ_RnTmNjyU8HrNkBVE5qQ7QTYETFZr&sig=Cg0ArKJSzMbOYkjmpwbfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1057&vt=11&dtpt=565&dett=3&cstd=490&cisv=r20220907.48468&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame CA71 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_AsbXluyw8ZklnnmjKA7Ey0Dy0fpsysGsJ2CJm5nQ-YVTGwbzSqtvB99qS-KBJxrxKYPVcmlgwTTobmHS3apmcyD9ZYJOHp-pjjJB1CT5SRtWMdoHKD6ggrKXktCMbNfMkk7j2OYAqV4in4cGylb8v4szXleDlhNehwyUM0PyuWpvGgNFOrfEtOBjsFP7ftXJQkmDfEget9rm3WfYbn02jq_hj1f_Ovu6ZR7dPoDEE_oPofHV5WG9kPviJS1H8rvpKXbJVBcBsM5WB8N5FWFR_HLRRZhzS1so9dNjFdRsvVs8owBV7wEMlI0EU0nXTUEL-evm1IhcgZ7K8t42rSMoxB9lFzjpApxi9TQ7iReqMKii1xFyFcxNyR_MQijMvkwXbOq1TPwFtxNpCoEKx2g_fynZ9cLgpfWQWLNvYaGMhRq16tviHVKQbocdCnUGlqlye5OGyNWLZqos5rLqg7DZWIWuAK8MZEtpfe20n-nGu86CYBB5oLh31pqRkChEal4NUnan2u2NCfd0IZcGamhO9m9DyvcKJuIZvx2pEpmrM9Koweh7lr0TUq2fzHoWF8Z9A3Div_tgxttTMwkY3I6ojEAICrSl52LZNXorKzXWYi-lVribVOWvLs-Ee2awCfnezvi88inAukkDGiXrybmB39b8o4vzm8sxh1ZKHPO6gIizTqbbEOPhxCBI960xVbZNh7Gu_CyCJK1wA0cyxm3dUjo8zzLPUAChTSc5J_qvDrIEWUS_wPNM3aS7Y1lr3AI7R5nh4cX9tYKbed6jYZ7viwRQVMLOJ37507O_IDgQpLwMSb28KmV-xuzZM5_ITovmnDsCRCdZExxqy4yhQJxCXeYKMguwiZHsF20wMYn9uGu3boyzOZjTNuuxHTP55x46mQW-eLWTV95E2O3RUcNWnv2wYct9-af0bN6gOHH7d7duOHTS_8pTMQWrY2neQ4pOSudj9pQz37AD9shX4B3m5gmlgHTt0FlK8fXGAJj5JLuU2qXsY8ofYFdrausWmQmZ4H-c8boC4EPFXiO9ZVRfetuUhDUklwltb4OMoKXZ_yVD17p-2ZZzqRM-CGAqn9yv_RAEnvMp1ymggahXDfUMRh_RTWoCL6l9i7-sVml_tM46n6bEBPhEgcLzgvrLHFrifjUMD2MlQD1w_Y4dvZtqMNjmJgLoHBGFe0jfECAq4OUfHKnw4JF59sAwayZY1VHvjLhTssdgtohFE3DdZw4a2oF_7lT0E4L1l45tOQQR5KSKN2LGPyKGpt4D2R6iW7eJPoinHgPp&sai=AMfl-YSmaKqiyzvtUnRa3bMeyFyUUt0p6fZGe88U1FzI9jYbEWcAJ-zyQWr8avq_RR6utUTA6l05aUWQQr9-EKj_s2AOzWoYExnFmkYr6dqB-UHZjEtvAu-LVoJARIYD570cQ_gjIc1izDI8XAGOAPMHRdqE85x9o5ixnhN24EUhGM3ieNGTonzEjGc1g0sZrxJRu3NX2audjLGFK-NPaSk_Wc_E&sig=Cg0ArKJSzDJc2jlQtDNIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=998&vt=11&dtpt=358&dett=3&cstd=634&cisv=r20220907.51013&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
txt1@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/txt1@2x.png
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6029688f62f390194116468c38dc24dd9635ce6d10e314ca4c6f26721450893e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1826
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:41 GMT
cta@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		674 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/cta@2x.png
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ede7dacf32f12145006c83a0a641d72841522fdc688d9a05e34f1950a5a2ecd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
674
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:41 GMT
logo.svg
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/logo.svg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:41 GMT
bg1@2x.jpg
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/bg1@2x.jpg
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2330f987a2da35673f462475d18ad6e03481bdbe6106aa47dee1cc558fc0b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:41 GMT
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20947
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:41 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 0232 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 14:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 14:39:12 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 5656 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 14:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7048
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 14:39:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 9DB4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XWALuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
ads.viralize.tv/track/ Frame D500 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126bd36674616d2284d224ed5a1%3A0%3A1gck45f63-pp08gimfohg-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221gck45f63-pp08gimfohg-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/player/ Frame 1A78 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827804328&sid=01ed3126bd36674616d2284d224ed5a1&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=2&gdpr=1&cs=&cmp=unavailable
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
fe92612902a1fd04aab1ce31c70d4c6901a745d185d2f005060e49eb798e9e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame B0CD 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62936
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame B0CD 		101 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=21
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B0CD 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:40 GMT
viralize_player.min.163a9944.js
monetize-static.viralize.tv/ Frame B0CD 		778 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.163a9944.js?e=ops
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14da Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduX5QyiE2vL0fnXqiUP3LFK0Mln37aVkJtjCiBqPBK70V6H5_JedT62xsx9NMDEeJ2EGEJ941DX_b0hLwizQ5OmXQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
232526
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
server
UploadServer
etag
"163a99440701696948190b6a64e8d926"
vary
Accept-Encoding
x-goog-hash
crc32c=VwQX7w==, md5=FjqZRAcBaWlIGQtqZOjZJg==
x-goog-generation
1662113891233348
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
796325
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 Oct 2022 16:36:40 GMT
replay.png
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/replay.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6358c05506dcb56aac552b0fe6b46032c308e108e22b832e5df1f4f3487c40d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:52 GMT
x-content-type-options
nosniff
age
182388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:52 GMT
Volvo_White.png
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/Volvo_White.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1dbb113405cd6745c0a638621883ac3952d4a049bf0a45dc0dea6a0baf1d925c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:52 GMT
x-content-type-options
nosniff
age
182388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4426
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:52 GMT
970x250_bg.jpg
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/970x250_bg.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c649782210be9ba4a220f1a4d38de62aded96f5f27b34023b310c5c0c4d2625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:52 GMT
x-content-type-options
nosniff
age
182388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77962
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:52 GMT
970x250.jpg
s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/ Frame DCD5 		361 KB
361 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/970x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ec586c9c199818e9d6485f143f9066769853a4eea52cc2575c396c21b010ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14339125302209282048/CBV_XC40_Refresh_DE_970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:56:52 GMT
x-content-type-options
nosniff
age
182388
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369209
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 12:49:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:56:52 GMT
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxoAH,pingTime:-10,time:843,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662827807626%7C%7Ce8b16071c910fd854dc7e50a6fb6b644%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C449dc1b89e2d74431cb2ef8cd9c2135f%7C%7C0bbf02943d1c2d44893111aea87039a7%7C%7C9db6b7935a96ba86727acf1496aa6641%7C%7C471b6ff773ee8aae9a975c12ed08831a%7C%7C60fc6e4d53b96429d4a907e229035723%7C%7C1629390669,im:%7Bpci:%7Btdr:164%7D,imprf:%7Bttecl:1086,ecd:144,tsecr:91%7D%7D%7D
Requested by
Host: 2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F4B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu85WM8aJ1EbfNlSvafbaKWqExZHiv19fhbVJZNsdX1xXDZi6c5zmOdQNUjLq55g_ojPyetcKybmr8wLTUUMxfuB1rko5ipgiiUzzbCFcVMlhmAicLVF8zxTQHQlBnXWhi_hXev4Q&sai=AMfl-YScHcFXi7FRRQh1aIuHUYpgKVKkVsiguNSbGEdDjku-vY5n2CyKWo-jRohKuauoxdh6hzkZzffusPZTHGT23_bs0kdLgo_J0yA4YYnjo59tolWhvlK88UjbnQuV&sig=Cg0ArKJSzHg-lhoDsDKuEAE&cid=CAASJeRoRldwK-ZJi_9NYegDg56u9a9bZ6GTG6vAZ4slkyH4_KXgyCA&id=lidar2&mcvt=1045&p=20,36,638,196&mtos=0,1045,1045,1045,1045&tos=0,1045,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=3900402713&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662827804540&rpt=2042&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame B0CD 		931 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp7.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827800%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f05a8e700da21d7fede78c4e10ff4aaa22abc057d2bde36532d4cf901ba3e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
563
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame B0CD 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126bd36674616d2284d224ed5a1&item=YWRuXzc3NzAreFesWx6Jkw%3D%3D.1.1gck45gvu-9k35ldmsn0g-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame FA2D 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B0CD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:40 GMT
integrator.js
adservice.google.com/adsid/ Frame B0CD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9085 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB0gDFb0cY6KDNfbCx_AP6faGmAwAAAAAOAHgBAI&bg=!dXaldjLNAAZTikH4c4o7ACkAdvg8WhjdaM0AFY3zNgyx-Xfogazug0mvV93zupBbIVfvNRfKCkLu0wIAAAGUUgAAAARoAQeZAxY92sVaT6QU-HzzJ6G0yRnH4puM1_BjJubeGu430m5WxiAwzUwJxzkgNEWVjbhIKQ7B6oOiUw-jwEomWAC61kDRO3Xdl0qadUuwle6tzAZ6JhO0WR5Q3DdgRdXMnXeJ7YZlTx3Xdt3nVYVBMFe9A4M0nbPWJId69ZSF9UNXIBpKrGnB9zSfZx3f-MV6MzkPxpBZvFrY_cQ1YafeBtLCISMUrC9IFpgyAu3MB53qNVssHXWFmjKMU4x7g6U3H6hpMxqISEziU8qBiOPCwLpkp_EzCQShxakjWneEqMkg16j8d45PAeS6pM87bf93Kr4EC9Db8UKEWNYFHZFo2bRwOCk1widSus2aqwqDlAYg4zgb8JO5xwxA5Dqp4CeNZ0Z-b80bmbYsobC0k22IW0Cz_Xa7VCKdUmZ8rrwri0WUT3UoLLk1tYhDaABMKg9lnmgINwQBcD2oi5cY8U-C_0fIq8Q7Wb7CradTKXFQpGZgdd2t1B1rrchl_uql61PXeXIcibThYCXa-bOLDbUd435OSs3qkP59gCuOoGYr1qrDCHXEFtwYgVFTUbqEx9BypSwi95pi8O1p-5eUBzDYkp6QFFKdXq0o-egwZFaK-KmNsCq20mEVjvzLILXgZcu85FwDnl3tcdDVlSDEBSUOsS6zs8zcVndOgZbu5eVqxw_5dVt2Z6O0PcXyp7JsClb7HJKH0a6L9MjZZJiW_v_tTCkigXGTCqEJZfKfKKnx4tjHHiYIOdlYqjFzvRQe5sYSaNhjA7erAaMIfkBeroldnuwyN1LKcrmuLc6xwMa9bNyh5tpjP0OOCeFKq8iJTm87_maM5pUawb7RL8pNtvw7I9F-aZJaH0s87HGT4lTvZVtxkNtU_2foNheIHWUrf9jWbtHIvRgAiEtNr7DJYEkv1O3ROC9XsEiow1afWPNFboJtD7ZCzDASQFS3WeVBSIbAyApPtbtqJ8vUc5aYSzXb1bTGyM0hRC2W_gw6wd8fCyQWAsWg4nyEfHcOWjhEjRZqreU0cDoWCsIgWO7jzwDtUhDLC0jzR2Lf7I1G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9024 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukliZ85LIXzlQiHHXD-Z9U5QUkwG9XSsFJKH-bD0APOhPCRX_6jjSE1BMEEGkB7myWgU7SBGGSRlEh9Xl-OSHS62b3OfeLLawqoMx0G3HRXTt-6L7ZY0qSxdLpZYKOn6FWUITdaA&sai=AMfl-YTKeTs8TfBwWaOfpSVwvaLNxA0eRjUvWii1CWH9v98aHAE1neq1O0KXOQ9B7vD60XTiQ2gCMnlK7N-roKxD8miwri4ilhCx8snzYm3uUEh7BIW4bkyhHUHj9X9s&sig=Cg0ArKJSzGYUpkVJHcjdEAE&cid=CAASJeRoAFnTujunKZmFgF8crFYCXUTozPS-UaRxaWVvwf-sg4NaJyE&id=lidar2&mcvt=1045&p=163,315,413,1285&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3458405746&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662827805029&rpt=1860&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0232 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG168Fr0cY5aoJaCX9u8P4L6zwAcAAAAAOAHgBAI&bg=!KimlKW3NAAZTikH4c4o7ACkAdvg8Wg23a8D70--iK6s3GT-nCopn4z7A5KLNDbS-tkXLut2rL6smbgIAAAH5UgAAAARoAQcKAI5me7SXO41EFjjcHrpxwaktFQLIUJ3jJO80FDJSh5li_guosrS-U4mzwVz1om6vRJl50aCuh-yuPFmHEjqeuPTfVU69ebGfayhp_DeTQW2WFxcMjQRvxpNUplg0mDj4m2oqj6yvRU-Vnl7bJPEsdVtMdJKnsPSDG0Khe8vjeBk-4PhrYL5Zb590pyFwGJUOmQMC1kY8bDDXWURvZ2xEE5sIPnj1hivn0Ge3L6DYcXpXv4Lq7uqpZkwsxlj_sZpAENN5UMZZlCgA0QXxLaoHeKo5Krk1PK2qOx0kK7v8ykVWT5CD_q_0k3HzWlJvuwBeAgTcawLfN4Rus5plnYUnif05MlRd37Qn-_WzhSNgu88EOB25TZfBQoBaH9SXg-7aCmaBU__f2SosODf6fXpJVJHlQoSa-TD4YzytPpw0LiP9J_elrY7o9lABPkCo1CWkRSDZIJd5KgEoH3FsYunjlIM6WzM-JZzPiBEdCz66EuQK6VnHn-L5N7F8MDsIksrfiDAzJQL5u0yrJvSlSUtwm2ZC9-qjV8pkQ_tEKVaOSCFqoLiQmVk8YbwEiiVzQBEhakcPLFRbIcnFbmhtUSPHmfqe-PQXTHlOdRIk6Lr4xpZon5lWxjXlSUPjpGxtEb5j8NXqDrBE5XMkzcBsbeWOT72D5C3cbLg--ZD6Aq5S50TPJAS0zCAg8aI9IGL9PTvW20ATzdblHDFNLc0YzVmgtL8eueX_O-yntuGqRt4cXdt0JMrKsovMPQQAOCG6eAgoSVreAq8U-0yuVrdMeVcj-mnqlGvJ54xpKcgRJNJcO2uCtySoQfYxQ0VijktR9AjQzUQPPgSSsv3t9nCr35zoUWSSCoCTYeEyFu1Z-ZQRGsH1SQOdbnhSnYcTPF2uWMMpsqurVmKsTLHBA0hruJaa7XpWKwwfulNKvF2mDKWNbSsq-rC4y2mSN65yLOKJY9FIEI1JT0YCBm5WnKz5ZzInSDsolYjfG5VBrgYWuyUlz2n7iVwAV3twpZ1jukU2SvjB1q52oIp-ZLt8qolYpsl8D4cQa6Xt6GTmHrZ8U1bS2--NdgeGcZBMkQzJbcae9z8_wBqJYNvnCtOHgMVwXn2EzB18vZ5eBuFA2AMt0ivyO-N_VNOEO53rBdSKD8CNgmjVnHShO7NF3w5BtoyGI6FcE6mpEfinZCf5NSdiWVUHXZZVSfDROo_XS9vC2ZWtBhP2iHY78XY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CA71 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ00Tv3Ihk1nIueybz8BK5m5ayM3rma_cSpc7BrDWkeOBOBZQt5TfalL9wHg0tyr_Ki0DKKi_KZKxaTmZnkJoSlEOQEz7dcmrfQcLRUXwRtaAyKBXQB9VcMCHEe1kLnlHTs4FgZg&sai=AMfl-YTDLFulSru9nQzhIFkyPpVyVYaJpi840eVh8Gc5yVX4V1bDk3ZF6L6QxS_gIJsYHKXkCEppeJXw-eIx_1uQBMVK3rz-RiSJ0fsqazRfpUE-k4tfWHa1RlhomECa&sig=Cg0ArKJSzDtXDhDnvsnMEAE&cid=CAASJeRovvxqmAmto7ZHO5NIOb5ZSa4avjcqokT_T5UjxWmTn8q6lQU&id=lidar2&mcvt=1035&p=20,1523,60,1564&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4141907819&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662827805023&rpt=1904&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5656 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3oGsFr0cY_7MJd2l9u8PgemM-AYAAAAAOAHgBAI&bg=!JCelJ2PNAAZTikH4c4o7ACkAdvg8Wi_EiDn8kf77LxRhBJIQ2hg0V7mBxDDMoKx4Z0gShG-mizuXZAIAAAJMUgAAAAJoAQeZAwvJMLmiqGRriDb9H4yFJKM7Shyljmgh32S9E0CPvtK4faX0ZbffuSut3oHbczVETAb5mmsUdio2UTxuZbwI9Ko4tiFQIm1M0hLwHB6xt9z9UKEacFALjFcgfYjCgbIs5OqVsIyw3Jb912qHzVSbR9syNvd_MbAVKmpYshmkXOS1hfEcThxFQVNboW0bCwCtCZcfbjr6EMTmQvWtb48xanl0KEwdka2Y3KvbLwQvYqKzmPt21SLO_s_8B8wvP24mQ8fKeGEhBqwIvNoLdcnRj-emqSqzTu7M1XflBNgazVjcbPgUvZY9CujtTE9-7HbaIlXWkhgKjzmgqbwfw5wews50Y35xRrCE1b-SNYn4r2pp0La7YPWBEPjdQDZEhvvhA930cJ7zL9iF782auOmMyxkN82TmhVotp0UGdnEWA8PSHb8FmuSZGjTzwZNfCmcropKugH_VWQnRxEtQynbzVVHSVV1kEyh6NriAAzp-ADtyotyY76BCgQ39LBjDEWODsSTRE1sj-JuCLU7hoKoVCV_njvrMvliRp9-9JnP33eZbcWKciOmkECje_m6AhY1Nr7Zu148ydk2tc5dBdVm-0bPqd2jk4DbMEgGQQnRRg1zs9GPyS90uP4LkTOz0oH37wO4e9jELbHZQfp4EqU6IX8zAS8AdbfEevjgFnRdi1OkE6DU4wjJszQQH58yhmMVE5v4FKdQ8IAOoLXrPk7bbyMcng0qzy5twMIucdGLguDtlvRqSh_CHcCLR7qtjdjLK-MX21apPUCmpoOBO9ARsR5-uvhubVg4Qxu2LWQqx4rEeyjM-xud8DgXTVA4S7lwI_jP92qUkSH40UElWfEZ3w7VYfsXxhRHKSVXFoPNBI7wtCqn06VALZnwBeOPOTIg0sXCgpSDBK3OeCl26D-sw-AIfDFKcXJBJ2KQ760fgkq8xy-nPkqMmuU90ezZK95KLi8WdNJsJfUOMHdxHBSvnfoQ547QCYwNhO4b7Y2lvF50el7Aa2G1VIlk9QTnIpkyyx8iBeNTMseg5J-YNIg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=1973381689733871&bg=!8fKl8rbNAAZTikH4c4o7ACkAdvg8Wg7NpJRq9krYeyJOgsf0pIdkmHXx1DF6xuU6jhjfrwEyMkskYQIAAAJSUgAAAANoAQeZArTu7DMMWdAEkzqu5U_Y-Yy3vqNRELLcxSThqM7BBe-PMZomVgawjekP5XjSwyConAawu6jovvLoN0c98zCTB4-PdCf3SWr3yZAypkPz71RWUIXeo_S8wHMA2_H9a6_Xuo2ruTpIJ_assXw7nk9iB8sKOyACfVgYr8SqonTk107wFM_PhSrIsdYYf2xSnwdTPMVJYmw2tOd-prdep879zNRv3Hc4nXCz3FMj8YYY1NBBxhJwdrGacosJn1mMOSt_zuyd3L0BgLQ8dF5R9LVXS6_C80VRvjmKyTM7g8-puUUEIVrq1z5zDROrhIZnAxwxnfTuyrYxxng6yr4_OPpfo2PA-or8KnNm6tuZUfugL2wS6S7avm9O2wE37dBwYI_eV_qpYPngxKVGyqKXaRXaQcWCEPMHrJyScxpUKQ04MTfSM1jkFp7KFe9cCGVZ5ck3O1YKN4EhL2RySFJdKjXj1Vwa43beTjqxJVaKPqBRb306gj989ThYeN9GCbYhxmOQT4MSRGHEkR-pzH133sv7FVDyX6AHhY1_0mcFhWuELLSzZoV_rZrTCbTVJzjVCxDN5GUNdRyUzuHlT_m83_T6qUkwOt3mLbluJr1oog2QCCaVijuVs_TjCZIwkqI8TzUFrzXnfLhN0N6V_uc1RD8dBph45YB67c1fJ8_6Wopjf8eQevq4OekhkQP7RjsAkcCtaOnP5bCwW3s0GnyAvWP_IslZ2wVbHZztos1VTunaAXSWaOgdW-VEbNo9WxEy2RTSdICpLJP4XwMYX81yVsXLEGRceA-tTwrppDDZn4vrZQ0l00YNAzCJzkhf68q9w_e9ZIExbaeKDID7p03DjOgBLGAYb7qy8j62HEVCU_j98Re-oQHyuk1i9KWGoVgU3wihTfnsltzHQeC0MAg4SI7D6EpdT5C5fA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame FA2D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp7.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=1831553280394863&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=2711263291&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=8F313159-EA71-400C-8E4C-D1A617142FB0&nel=0&eid=44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dlt=1662827807561&idt=528&dt=1662827808138&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=1509769412971530&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/ Frame 898C 		1 KB
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd3bac2dbc59f688a5fc94d689fa24dab8d9c5f8aa76c083c3386114fd0fab4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:34 GMT
txt2@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/txt2@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec58abdda42a49abc60e1be89810c7dfe797583495b360ab8dde05ba10de4a16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2375
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
txt3@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/txt3@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b90d0a2d83ab6b64327c929439cd396fb2de1e59a42ff6f58a69dfe6e587dfa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1939
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
txt4@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/txt4@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfc8f57087e5623cf58ff9793b6e1ca9758251baf048c4516b291c2b6812b3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1552
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
txt5@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/txt5@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1142cc7eb916299c85182c8748abe4aace6055743fcf5021e9305de025b5b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3623
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
stoerer@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/stoerer@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b63c7b7230f6b844b83563b7a9a34022e30195b29c02cb99d829a0256261e3ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1160
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
logo2.svg
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:42 GMT
bg2@2x.jpg
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/bg2@2x.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6cf68fc5c8593bd85e422a1e2959c22097c1bae30e95f144f91907d574dc36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:44 GMT
x-content-type-options
nosniff
age
465357
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18047
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:44 GMT
legals@2x.png
s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/ Frame 898C 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/img/legals@2x.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de27ab75ce01de2fd46b8d2140475b4867e557c884afafd4396eb3e6a34f0218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068136909206991285/63-IWE-Sondermodelle-Skyscraper-160x600-i30/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 07:20:42 GMT
x-content-type-options
nosniff
age
465359
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10736
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 09:31:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 07:20:42 GMT
/
ads.viralize.tv/track/ Frame B0CD 		0
0
/
ads.viralize.tv/player/ Frame 1A78 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827804328&sid=01ed3126bd36674616d2284d224ed5a1&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=3&gdpr=1&cs=&cmp=unavailable
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
26fd7a2ea25de68d06c47869f9df238570421f892dc63e84127d527e68e7f678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame AC2A 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62937
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame AC2A 		101 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=18
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame AC2A 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:41 GMT
viralize_player.min.163a9944.js
monetize-static.viralize.tv/ Frame AC2A 		778 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.163a9944.js?e=ops
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14da Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduX5QyiE2vL0fnXqiUP3LFK0Mln37aVkJtjCiBqPBK70V6H5_JedT62xsx9NMDEeJ2EGEJ941DX_b0hLwizQ5OmXQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
232526
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
server
UploadServer
etag
"163a99440701696948190b6a64e8d926"
vary
Accept-Encoding
x-goog-hash
crc32c=VwQX7w==, md5=FjqZRAcBaWlIGQtqZOjZJg==
x-goog-generation
1662113891233348
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
796325
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 Oct 2022 16:36:41 GMT
iphone_3733.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/iphone_3733.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
280bda623126ffaf025bd0f817b06fb0ab806ed2ab74e0ba5879478b2f9732c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
9608
cf-polished
origSize=194076, status=webp_bigger
x-msg-hkn
/
content-length
158855
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 13:56:21 GMT
server
cloudflare
etag
"631c9785-2f61c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 13:56:22 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489957ec8459bdd-FRA
cf-bgj
imgq:100,h2pri
akraba_2165.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/akraba_2165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb6a3806ffac25e0ad087b61d9037beb718315045746b1d4cc6f1983f39b678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
3965
cf-polished
origSize=153537, status=webp_bigger
x-msg-hkn
/
content-length
89820
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 15:30:14 GMT
server
cloudflare
etag
"631cad86-257c1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 15:30:14 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489957ef89c9bdd-FRA
cf-bgj
imgq:100,h2pri
ima3vpaid
tpc.googlesyndication.com/ Frame AC2A 		931 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp6.5%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827801%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9aa179ff21c0526d6ad8c682d16f80b352bdbb63b66ff032136b3a90532da43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
565
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame AC2A 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126bd36674616d2284d224ed5a1&item=YWRuXzc3NzTV0YQkMlWBew%3D%3D.1.1gck45hum-iuq3s2ht548-YWRuXzc3NzTV0YQkMlWBew%3D%3D-wp1sc3
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 6BD5 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334212
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame AC2A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:41 GMT
integrator.js
adservice.google.com/adsid/ Frame AC2A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 6BD5 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp6.5&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=707626422760904&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=1702910345&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=AD8E2C0A-FCE0-438B-8816-E7EF6611D420&nel=0&eid=44752052%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dlt=1662827808610&idt=353&dt=1662827809045&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=488137013977563&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 196C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dPWo9DFJN_5Rv0Q37sOgP4k3SEBcuJXFigtCNUUjxLHi62Uc1caFZhVhBmlApyFGMzLygHv2aa6slFSxknECyL2ACN5c70-LZp5K2-ELgh0FdJ-EhlkjtXsZZC6YEAdJqfEvJ54N9GuceBMwNJIBmaPEAOgQ2qowY0gNgqVGmKkH5Xpvgm3oehlVMgUZ5GeaQ1PgJNgiZqB6SxO45dKSmz4TzhoY9fc0H_xsgTwEFtGLFXCW3kWBLuqyoZ7gbZFwPEznhw&sds=2&rev=82694&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yxy9FAAObmIH_YYTAAMgLZcnVV2sxxKYGV-26w&u=%7CdghSOyckoTVwpwGSw7FoQbO3z2%2FF8imBclSlNBIqaeU%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6S1ncctLasMz1OWgLUU-5y6yRevD-HSCG1IF5EAollId9bMzACPfkkVcBKyXvvdhZOxOmYRS-FFU7Fp2Ik2agofbDP0MhAMTaU6aDhUW3yDXNwuFa7-OBNdZSEWo7y19xnyS780uuVC9ZOzYrTwidxZ4eu8IRXqfsRRy9DB-D7tuIl-qd61QV-KUaPpgkyHocWn9bqQqrBPnSyfJRgX9ihwabj8ggqN3Xo53zhPOcw9F9bXc43iyok8miRc5EZmAYw9Rwc-sTOQrcN2UuPOh0YJo_iAgoNG2ho2B92sMDZROxg2LrtHaiEXvvirqGXYHaLjJF-GiSPaAazLHKF178F2P9wFM486sIrNRvZMBvf-t6T6bTDdVEKWTEp3pf_1CylqXm-GVNrJxBKYZ2EhhSrZcljDIHP4ca8moDm1C4eBPedVuGB13CeKgaw6VEFh-cXuOr4U0CR6-A9K9Nbc1WhQLKToBYXU_6SyXKtkWYJNJwzzmq8LrsZjcdXDB0P_3jQzX3l_k_o3fLX1EcRcXHkyolKZhYcn0xTwW2Rfb2LT99k7ozy5rTiROgzexceTjCTv7ldsCZhe40RrPxzKavbt5oA-k1MydnTnGjdQcpIJQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxLtzFL0cY-LcOZOM9u8PrcCMyAvJntKxXNWdkfdwwI23ARABIABglbr4gZQHggEXY2EtcHViLTg2MDE1ODU1MDU3MDE5NDegAdW20uoDyAEJqQKGvsSd3diwPuACAKgDAaoEmwJP0FXFmjliDBSF-3vxvyjvJs2YEPSKUDy0h5de6znkwxuWupIuc7nbiN9Bmcl5dHRy75ucb10vgK9SuexmSGUUIatAFbO3kBeW-lYe1XKgmh9ITrL3_CqCnPWT5MaqfWAegoZ0pvJyzy3VCWT6EVBM0u7KxadR_-GJdME5DJ2SEVQVHTGX473IgOGvYoY5g2_IinepdZjJ17aUAKTHS4FNk1CvrI258OfywztTjyfJ7UhKMoWmS-LOvczKMgvThlPNtFkZtIi05adrKb8vAoC5_FKMvr57dPKtre7B8SGAATEcTQ9M_gzdG9IiqzKTdO6bCwMrk8o29_yRK1zUPJC-HsZo2nUuzM28mONvtP4CwMJBcvBma0NCZ9GX4AQBgAaDlJjj1KzUrV2gBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3p5PqnfxV5OrI4QH1w4Pzh7eShPA%26client%3Dca-pub-8601585505701947%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 10 Sep 2022 16:36:41 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxp1K,pingTime:1,time:2520,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D,%7Bpiv:100,vs:i,r:,t:1515%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1515,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1515,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:272,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:42 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxp1L,pingTime:1,time:2521,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D,%7Bpiv:100,vs:i,r:,t:1515%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:1515,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1515,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1005~100%5D,as:%5B1005~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:272,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:42 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
ads.viralize.tv/track/ Frame AC2A 		0
0
/
ads.viralize.tv/player/ Frame 1A78 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827804328&sid=01ed3126bd36674616d2284d224ed5a1&experiment=ops.&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=4&gdpr=1&cs=&cmp=unavailable
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
33c00c49eeee7278178a46aaeb8c882c9682426d655f5c1d14c5b3efd37c3cee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 3E5D 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62938
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 3E5D 		101 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=14
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3E5D 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:42 GMT
viralize_player.min.163a9944.js
monetize-static.viralize.tv/ Frame 3E5D 		778 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.163a9944.js?e=ops
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14da Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduX5QyiE2vL0fnXqiUP3LFK0Mln37aVkJtjCiBqPBK70V6H5_JedT62xsx9NMDEeJ2EGEJ941DX_b0hLwizQ5OmXQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
232526
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
server
UploadServer
etag
"163a99440701696948190b6a64e8d926"
vary
Accept-Encoding
x-goog-hash
crc32c=VwQX7w==, md5=FjqZRAcBaWlIGQtqZOjZJg==
x-goog-generation
1662113891233348
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-goog-stored-content-length
796325
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 10 Oct 2022 16:36:42 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 21DA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F98948493%2Fensonhaber.com%2Fvast_desktop&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.ensonhaber.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ensonhaber.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=600000&vrid=1269020&sid=D14FB484-32F5-44CF-801D-FCC2ACD10C8F&adk=1262972149&correlator=1307387765329416&dt=1662827809734&ged=ve4_td7_tt5_pd7_la7000_er957.1168.1200.1600_vi0.0.1200.1600_vp100_ts4_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&scor=962353395350160&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44754420%2C44760950%2C44765701%2C44771693&hl=en&frm=0&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&mpt=viads%2Fhtml5&sdki=44d&sdkv=h.3.529.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&ctv=0&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3vpaid
tpc.googlesyndication.com/ Frame 3E5D 		931 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp7.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827802%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bba5be4a1a7672fea505087f7f903c6ebccc85f6b3b02781e90a84b575872a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 3E5D 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126bd36674616d2284d224ed5a1&item=YWRuXzc3NzAreFesWx6Jkw%3D%3D.1.1gck45j0g-8vkfkonlakg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc4
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 84C1 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3E5D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:42 GMT
integrator.js
adservice.google.com/adsid/ Frame 3E5D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 21DA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F98948493%2Fensonhaber.com%2Fvast_desktop&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.ensonhaber.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ensonhaber.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&min_ad_duration=0&max_ad_duration=600000&vrid=1269020&sid=D14FB484-32F5-44CF-801D-FCC2ACD10C8F&adk=1262972149&correlator=1307387765329416&dt=1662827810235&ged=ve4_td7_tt5_pd7_la7000_er957.1168.1200.1600_vi0.0.1200.1600_vp100_ts0_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&scor=962353395350160&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44754420%2C44760950%2C44765701%2C44771693&hl=en&frm=0&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&mpt=viads%2Fhtml5&sdki=44d&sdkv=h.3.529.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&ctv=0&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 84C1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp7.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=4063587390796775&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=1702910345&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=0F9F8CDC-7105-4AE4-99DB-577F27E6441D&nel=0&eid=44750822%2C44754420%2C44760950%2C44765701%2C44771873&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827810270&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=3551671989763834&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 3E5D 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126bd36674616d2284d224ed5a1%3A0%3A1gck45j0g-8vkfkonlakg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc4%22%2C%22bid_opportunity_id%22%3A%221gck45j0g-8vkfkonlakg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc4%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:43 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
pubads.g.doubleclick.net/gampad/ Frame 21DA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F98948493%2Fensonhaber.com%2Fvast_desktop&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.ensonhaber.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ensonhaber.com&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=3&lip=true&min_ad_duration=0&max_ad_duration=600000&vrid=1269020&sid=D14FB484-32F5-44CF-801D-FCC2ACD10C8F&adk=1262972149&correlator=654173947858553&dt=1662827810691&ged=ve4_td8_tt6_pd8_la8000_er957.1168.1200.1600_vi0.0.1200.1600_vp100_ts1_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&scor=962353395350160&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44754420%2C44760950%2C44765701%2C44771693&hl=en&frm=0&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&mpt=viads%2Fhtml5&sdki=44d&sdkv=h.3.529.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&ctv=0&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
viavideo.digital/logs/event/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viavideo.digital/logs/event/player?sid=104366&tid=15991&event=rtb&event2=resume&cb=1662827811127&vis=0&v=206231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:43 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
ads
pubads.g.doubleclick.net/gampad/ Frame 52B0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.ensonhaber.com&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.ensonhaber.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ensonhaber.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1218724&sid=4AAD270A-98E1-4829-AF07-447FE11C5733&adk=2123602379&correlator=654173947858553&dt=1662827811140&ged=ve4_td8_tt6_pd8_la8000_er957.1168.1200.1600_vi0.0.1200.1600_vp100_ts5_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&scor=4412070266559005&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=31061774%2C44754420%2C44760950%2C44765701&hl=en&frm=0&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&mpt=viads%2Fhtml5&sdki=44d&sdkv=h.3.529.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&ctv=0&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
viavideo.digital/logs/event/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viavideo.digital/logs/event/player?sid=104366&tid=7641&event=rtb&event2=resume&cb=1662827811570&vis=0&v=206231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
ads
pubads.g.doubleclick.net/gampad/ Frame 4C5B 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2FAdExchangeVideo2%2Fviads.ensonhaber.com&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.ensonhaber.com%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.ensonhaber.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.102%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=30000&vrid=1218724&sid=7A9E98E6-D373-4CCF-B197-A8072BEBDD4A&adk=194073650&correlator=654173947858553&dt=1662827811579&ged=ve4_td9_tt7_pd9_la9000_er957.1168.1200.1600_vi0.0.1200.1600_vp100_ts6_eb24171&is_amp=0&npa=false&omid_p=Google1%2Fh.3.529.2&osd=2&ptt=20&scor=1280272772261390&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vis=1&u_so=l&eid=44730464%2C44754420%2C44760950%2C44765701&hl=en&frm=0&media_url=blob%3Ahttps%253a%2F%2Fwww.ensonhaber.com%2F449eeb0b-59c1-43e7-8044-9af08cd10b0b&mpt=viads%2Fhtml5&sdki=44d&sdkv=h.3.529.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&ctv=0&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
player
viavideo.digital/logs/event/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viavideo.digital/logs/event/player?sid=104366&tid=15833&event=rtb&event2=resume&cb=1662827811828&vis=0&v=206231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
/
viavideo.digital/rux/abcdef/104366/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://viavideo.digital/rux/abcdef/104366/?pub_sid=104366&VIA_WIDTH=432&VIA_HEIGHT=243&v=206231&rc=2&cb=1662827811831&page_url=https%3A%2F%2Fwww.ensonhaber.com%2F&na=0&imp=0
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
da664f1ed1b45deb4ad802ab0ff301ad6d36c8e5e30998ef685257e5aa5336e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.ensonhaber.com
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
/
ads.viralize.tv/vast/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https://www.ensonhaber.com/&cbb=1662827811887
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3f8c05df0ebaffc948fdcfe7bc0959973b77dded7686fd53abd3f5065c4a03ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
cs
rtb.viavideo.digital/vast/ 		71 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.viavideo.digital/vast/cs?zone=104366&w=432&h=243&vp=4&site=https://www.ensonhaber.com/&cbb=1662827811888
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
server
nginx
age
0
access-control-allow-methods
GET, POST
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept
/
s.richaudience.com/vid/YSo497V15z/8216817/ 		160 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.richaudience.com/vid/YSo497V15z/8216817/?consentString=&cbb=1662827811888
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.0.13 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.13.0.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-max-age
86400
access-control-allow-credentials
true
ac
videoapi.smartadserver.com/
Redirect Chain
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889
  • https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889&...
129 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.126 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:43 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
text/xml; charset=UTF-8

Redirect headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:44 GMT
access-control-allow-origin
https://www.ensonhaber.com
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://videoapi.smartadserver.com/ac?siteid=473392&pgid=1490741&fmtid=106827&ab=1&tgt=&oc=1&out=vast3&ps=1&pb=0&visit=S&vcn=s&vph=243&vpw=432&vpmt=2&skip=1&mabd=60&tmstp=8216817&cbb=1662827811889&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ad_request
ads.aralego.com/ 		0
573 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=ensonhaber.com&ver=UCX_WEB-20200113&adid=ad-BE78D938BADA6494F79A93AAB87BB7B7&atype=2&u=https://www.ensonhaber.com/&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=1662827811889
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sat, 10 Sep 2022 16:36:44 GMT
X-Width
432
X-Height
243
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://www.ensonhaber.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-SspId
e44f318b-07a1-31f3-b051-712a5f38b5bd
Connection
close
X-Adtype
vast
dsp
viavideo.digital/logs/event/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://viavideo.digital/logs/event/dsp?event=rtb&event2=request&sid=104366&tids=7639%2C7615%2C17552%2C15832%2C7643&v=206231&cb=1662827811887
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
last-modified
Tue, 28 Jun 2022 15:48:44 GMT
server
nginx
etag
"62bb22dc-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
viralize_vpaid.min.51b110b6.js
di-j9ffzxea.leasewebultracdn.com/ Frame D0B7 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
19c86d5ed205456df7cd9d104b3ef8133f013bd4b4b172b765e55019dd8171c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 07:39:45 GMT
etag
"1662017985"
x-hw
1662827804.dop144.fr8.t,1662827804.cds139.fr8.hn,1662827804.cds052.fr8.c
content-type
application/javascript
cache-control
public, max-age=1782417
accept-ranges
bytes
content-length
18723
shim.gif
creatives.sascdn.com/ 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: hhkld.com
URL: https://hhkld.com/rucdn/js/player/220623_d44559ff.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32c1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Unused62
8096267
Date
Sat, 10 Sep 2022 16:36:44 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 10 Sep 2023 16:36:44 GMT
/
ads.viralize.tv/player/ Frame D0B7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827811887&sid=01ed3126c1afb90e2b8122841df32541&experiment=lpcdnall.leaseweb&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=1&gdpr=1&cs=&cmp=unavailable
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
8769de964f60f800a04076134a260001b8b30662bc7ef11482edf7616c729ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 7AB1 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62940
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 7AB1 		101 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=19
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7AB1 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:44 GMT
viralize_player.min.163a9944.js
di-j9ffzxea.leasewebultracdn.com/ Frame 7AB1 		778 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di-j9ffzxea.leasewebultracdn.com/viralize_player.min.163a9944.js?e=lpcdnall
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
etag
"1662113891"
x-hw
1662827804.dop144.fr8.t,1662827804.cds139.fr8.hn,1662827804.cds129.fr8.c
content-type
application/javascript
cache-control
public, max-age=1878334
accept-ranges
bytes
content-length
232526
/
ads.viralize.tv/track/ Frame D0B7 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ed3126c1afb90e2b8122841df32541:0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:44 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ima3vpaid
tpc.googlesyndication.com/ Frame 7AB1 		931 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp7.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827804%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcbbbb98962d675c60e9100003508edbac9b05805408831f0bd7e9051b7839e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 7AB1 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126c1afb90e2b8122841df32541&item=YWRuXzc3NzAreFesWx6Jkw%3D%3D.1.1gck45lfe-qr8uica4hfo-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc1
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame E617 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 7AB1 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:46 GMT
integrator.js
adservice.google.com/adsid/ Frame 7AB1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E617 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp7.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=2458662476206762&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=1153738041&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=67BAAAE0-A111-4FBA-9830-A1B93B4837AC&nel=0&eid=44726389%2C44750824%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dlt=1662827812111&idt=394&dt=1662827812532&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=3864058776615221&ged=ve4_td1_er0.0.0.0_vi0.0.1200.1600_vp0_eb16616
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 7AB1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126c1afb90e2b8122841df32541%3A0%3A1gck45lfe-qr8uica4hfo-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221gck45lfe-qr8uica4hfo-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/player/ Frame D0B7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827811887&sid=01ed3126c1afb90e2b8122841df32541&experiment=lpcdnall.leaseweb&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=2&gdpr=1&cs=&cmp=unavailable
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
016750ce5101d8481fc0df7f49593b2139835594d7fa2e9fcbae9fc8792d87b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame FDE2 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62941
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame FDE2 		101 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=21
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FDE2 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:45 GMT
viralize_player.min.163a9944.js
di-j9ffzxea.leasewebultracdn.com/ Frame FDE2 		778 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di-j9ffzxea.leasewebultracdn.com/viralize_player.min.163a9944.js?e=lpcdnall
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
etag
"1662113891"
x-hw
1662827805.dop144.fr8.t,1662827805.cds139.fr8.hn,1662827805.cds129.fr8.c
content-type
application/javascript
cache-control
public, max-age=1878333
accept-ranges
bytes
content-length
232526
ima3vpaid
tpc.googlesyndication.com/ Frame FDE2 		932 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp10.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827805%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae208e5179d847992aff8c7084bd4643f9b74a33ace58e49f908f21953e086cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
566
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame FDE2 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126c1afb90e2b8122841df32541&item=YWRuXzc3OTbTNB-0YTyN0w%3D%3D.1.1gck45m3l-iqvfhnqrl5g-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc2
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 02C4 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame FDE2 		0
0
integrator.js
adservice.google.com/adsid/ Frame FDE2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxq4g,pingTime:5,time:6520,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D,%7Bpiv:100,vs:i,r:,t:1515%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5005,o:1515,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1515,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:110,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:46 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame CA71 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1171896&asId=4982103f-b987-8ad6-de54-181ba7357488&tv=%7Bc:nPxq4g,pingTime:5,time:6520,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:376%7D,%7Bpiv:100,vs:i,r:,t:1515%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5005,o:1515,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:376,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1515,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:110,fm:th3a19e+11%7C12%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l1%7C1l2%7C1m1%7C1m2%7C1n*.1171896-65674243%7C1n1%7C1n2%7C1n3%7C1o1%7C1o2%7C1o3%7C1p1%7C1q%7C1r,idMap:1n*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Sep 2022 16:36:46 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ads
pubads.g.doubleclick.net/gampad/ Frame 02C4 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp10.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=710560695274884&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=2711263291&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=FD595D81-2690-45A2-AA33-B96AB64A9F94&nel=0&eid=44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827813648&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=4329301423799717&ged=ve4_td1_er0.0.0.0_vi0.0.1200.1600_vp0_eb16616
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
kaza_5165.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/kaza_5165.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c427509acdc979bcd02880e9437dee4f5d04c6526f15f3ec4e9c2c4ea317f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
10560
cf-polished
origSize=184119, status=webp_bigger
x-msg-hkn
/
content-length
152517
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 13:39:52 GMT
server
cloudflare
etag
"631c93a8-2cf37"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 13:39:52 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489959e0c179bdd-FRA
cf-bgj
imgq:100,h2pri
hakan-sabanci_6536.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icdn.ensonhaber.com/resimler/diger/kok/2022/09/10/hakan-sabanci_6536.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3f4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1af2efbc388fa22d224ee6b551be80532f73578f00f30d7584116d408d36f25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
x-msg-05
fetch: save cache with 1M
cf-cache-status
HIT
age
6133
cf-polished
origSize=170780, status=webp_bigger
x-msg-hkn
/
content-length
93447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor
MISS
last-modified
Sat, 10 Sep 2022 14:54:04 GMT
server
cloudflare
etag
"631ca50c-29b1c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 09 Nov 2022 14:54:04 GMT
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
7489959e3c819bdd-FRA
cf-bgj
imgq:100,h2pri
/
ads.viralize.tv/track/ Frame FDE2 		0
0
/
ads.viralize.tv/player/ Frame D0B7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827811887&sid=01ed3126c1afb90e2b8122841df32541&experiment=lpcdnall.leaseweb&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=3&gdpr=1&cs=&cmp=unavailable
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
f21fcb04935fd38258f1e4257ff8d991e8dde2a623767d44f4ac822ff7e76711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 27AD 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62942
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 27AD 		101 B
154 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=14
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 27AD 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:46 GMT
viralize_player.min.163a9944.js
di-j9ffzxea.leasewebultracdn.com/ Frame 27AD 		778 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di-j9ffzxea.leasewebultracdn.com/viralize_player.min.163a9944.js?e=lpcdnall
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
etag
"1662113891"
x-hw
1662827806.dop144.fr8.t,1662827806.cds139.fr8.hn,1662827806.cds129.fr8.c
content-type
application/javascript
cache-control
public, max-age=1878332
accept-ranges
bytes
content-length
232526
ima3vpaid
tpc.googlesyndication.com/ Frame 27AD 		931 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp7.0%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827806%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a6f143f04c36af783a86b904cdab8891dc7efe0524221096f1a97ce5ba23e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 27AD 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126c1afb90e2b8122841df32541&item=YWRuXzc3NzAreFesWx6Jkw%3D%3D.1.1gck45n4d-h5c82pb5oeg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc3
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 07A2 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334217
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 27AD 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:46 GMT
integrator.js
adservice.google.com/adsid/ Frame 27AD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 07A2 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp7.0&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=3377551397331103&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=998331656&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=21B7F22A-C782-4D36-A1B9-83D5000224FA&nel=0&eid=44725355%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dlt=1662827813912&idt=315&dt=1662827814265&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=495102622300341&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 27AD 		0
0
/
ads.viralize.tv/player/ Frame D0B7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&cbb=1662827811887&sid=01ed3126c1afb90e2b8122841df32541&experiment=lpcdnall.leaseweb&ahd=1&enable_branding=0&player_session=%7B%22page_id%22%3A%2201832842b8df6887767f522979d11d40%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A9174%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&pub_platform=&dd=ensonhaber.com&sc=4&gdpr=1&cs=&cmp=unavailable
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
8870511f84edf65f9d82d73215744674c6f7dfff91c729da89f49b394b82d9e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ensonhaber.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame C6E0 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
62943
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame C6E0 		101 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 08:20:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-hhn4072, PASS, fastly;desc="Edge time";dur=33
accept-ranges
bytes
content-length
94
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C6E0 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128333
x-xss-protection
0
expires
Sat, 10 Sep 2022 16:36:47 GMT
viralize_player.min.163a9944.js
di-j9ffzxea.leasewebultracdn.com/ Frame C6E0 		778 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://di-j9ffzxea.leasewebultracdn.com/viralize_player.min.163a9944.js?e=lpcdnall
Requested by
Host: di-j9ffzxea.leasewebultracdn.com
URL: https://di-j9ffzxea.leasewebultracdn.com/viralize_vpaid.min.51b110b6.js?e=lpcdnall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
last-modified
Fri, 02 Sep 2022 10:18:11 GMT
etag
"1662113891"
x-hw
1662827807.dop144.fr8.t,1662827807.cds139.fr8.hn,1662827807.cds129.fr8.c
content-type
application/javascript
cache-control
public, max-age=1878331
accept-ranges
bytes
content-length
232526
ima3vpaid
tpc.googlesyndication.com/ Frame C6E0 		931 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/21700180024/ViralizeRON/om_ron_vid_ins_d_catchall_pp0.5%26description_url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26url%3Dhttps%253A%252F%252Fwww.ensonhaber.com%252F%26env%3Dvp%26impl%3Ds%26correlator%3D1662827807%26tfcd%3D0%26npa%3D0%26gdfp_req%3D1%26output%3Dvast%26sz%3D1x1%257C400x300%257C640x360%257C640x480%26unviewed_position_start%3D1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
278b8b2771a645d8a1a42cdc9821bfb5d1eb04907b7a417dc17b643337c91896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.ensonhaber.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame C6E0 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ed3126c1afb90e2b8122841df32541&item=YWRuXzEwMjQ4MBKiTP4A1_k%3D.1.1gck45nla-hpv389h2cv8-YWRuXzEwMjQ4MBKiTP4A1_k%3D-wp1sc4
Requested by
Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bridge3.529.2_en.html
imasdk.googleapis.com/js/core/ Frame 4A65 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ensonhaber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
334218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Sep 2022 19:46:29 GMT
expires
Wed, 06 Sep 2023 19:46:29 GMT
last-modified
Tue, 06 Sep 2022 19:42:12 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C6E0 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Sep 2022 16:36:47 GMT
integrator.js
adservice.google.com/adsid/ Frame C6E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 4A65 		82 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21700180024%2FViralizeRON%2Fom_ron_vid_ins_d_catchall_pp0.5&description_url=https%3A%2F%2Fwww.ensonhaber.com%2F&url=https%3A%2F%2Fwww.ensonhaber.com%2F&env=vp&correlator=3798843265246036&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C400x300%7C640x360%7C640x480&unviewed_position_start=1&vpa=auto&sdkv=h.3.529.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&sdki=44d&ptt=20&adk=998331656&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.529.2&sid=B6FB6C75-5813-4262-88E4-7702F079CA62&nel=0&eid=44752052%2C44754420%2C44760950%2C44765701&ref=https%3A%2F%2Fwww.ensonhaber.com%2F&dt=1662827814797&cookie=ID%3D095b52e3c3be1ec6%3AT%3D1662827796%3AS%3DALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A&scor=1193459127097913&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.529.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba8e154ec042287443dad12fb436ea6386b31a0af969b79f8f65cefde14e654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17109
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/t-bid-done/ Frame C6E0 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AADPh4dFgdgbKwgH&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fwww.ensonhaber.com%2F&t=adn&gcid=YWRuXzEwMjQ4MBKiTP4A1_k%3D&bid_opportunity_id=1gck45nla-hpv389h2cv8-YWRuXzEwMjQ4MBKiTP4A1_k%3D-wp1sc4&l=ima&sid=01ed3126c1afb90e2b8122841df32541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
csi
csi.gstatic.com/ Frame 4A65 		0
0
csi
csi.gstatic.com/ Frame C6E0 		0
0
videoplayback
rr2---sn-4g5e6nsy.googlevideo.com/ Frame C6E0 		8 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-4g5e6nsy.googlevideo.com/videoplayback?expire=1662856607&ei=H70cY-K2McqG6dsP6MC-iAs&ip=2001:1b60:2:240:3247::5&id=1fb6f1bb66eb9389&itag=22&source=youtube&requiressl=yes&mh=QX&mm=31&mn=sn-4g5e6nsy&ms=au&mv=m&mvi=2&pl=36&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.069&lmt=1649670529798864&mt=1662827339&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAIwvCtnwc_f4pjrhY7oATqou5nwHZgDIndvIuGq4cPFtAiAPa99oL8LqyalGWzRWTjKEinItXeeIuvJn9x38iB22wg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJJC6Ddt_kQIuteMfyG5pHaFfUreM9ra8OU64N-aUVu4AiBgXXEA05u69Iy2ZzBsHrA-FozQE29muu4aIFndJA7V_A==&cpn=XcGOs50uGXHQ_NNd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:64::7 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ensonhaber.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 10 Sep 2022 16:36:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Apr 2022 09:48:49 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-957398/957399
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
957399
Expires
Sat, 10 Sep 2022 16:36:48 GMT
/
ads.viralize.tv/track/ Frame C6E0 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ed3126c1afb90e2b8122841df32541%3A0%3A1gck45nla-hpv389h2cv8-YWRuXzEwMjQ4MBKiTP4A1_k%3D-wp1sc4%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ensonhaber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 16:36:47 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEK6ggKrFDc3I6tfM-qkj-pA&google_cver=1&google_push=AehlK4A4Qw1m1Jqs9wuGjOfGys6h-NWFvROgGf6vsPtOYDL2S5ImElVOp4jsc__c-ZiFJMpg-j4RMcIVos3b2QK-tJXA9FcYWXM
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126bd36674616d2284d224ed5a1%3A0%3A1gck45gvu-9k35ldmsn0g-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc2%22%2C%22bid_opportunity_id%22%3A%221gck45gvu-9k35ldmsn0g-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc2%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126bd36674616d2284d224ed5a1%3A0%3A1gck45hum-iuq3s2ht548-YWRuXzc3NzTV0YQkMlWBew%3D%3D-wp1sc3%22%2C%22bid_opportunity_id%22%3A%221gck45hum-iuq3s2ht548-YWRuXzc3NzTV0YQkMlWBew%3D%3D-wp1sc3%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126c1afb90e2b8122841df32541%3A0%3A1gck45m3l-iqvfhnqrl5g-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc2%22%2C%22bid_opportunity_id%22%3A%221gck45m3l-iqvfhnqrl5g-YWRuXzc3OTbTNB-0YTyN0w%3D%3D-wp1sc2%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ed3126c1afb90e2b8122841df32541%3A0%3A1gck45n4d-h5c82pb5oeg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc3%22%2C%22bid_opportunity_id%22%3A%221gck45n4d-h5c82pb5oeg-YWRuXzc3NzAreFesWx6Jkw%3D%3D-wp1sc3%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%221009%22%7D%5D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7w4qxcq&c=2872929998478&slotId=1436464999239&qqid=CLOerabUivoCFY6Fgwcd1lENLw&gqid=H70cY_OqIcSPjuwPxI-54AQ&fb=ima_html5-lima&sdkv=h.3.529.2&ppt=videojs-ima&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44752052%2C44754420%2C44760950%2C44765701&met.4=ghmsh_s.l7w4qxnz~ghmsh_s.l7w4qxo0&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=XcGOs50uGXHQ_NNd
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7w4qx79&c=2872929998478&slotId=1436464999239&eee=missing-element&bi=missing-id

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| heap number| flipStatus object| flipID number| flipInterval function| flipHover function| gtag object| dataLayer function| OneSignal function| bundleJs object| gtarget string| sayfa object| wpcc function| _typeof function| $ function| jQuery function| __d3lUW8vwsKlB__ function| _defineProperty function| PopupCenter function| setInputFilter function| errorMessages boolean| login boolean| isPaymentPopup boolean| infiniteisDestroy object| timerSettings string| mailGlobal object| commentPics boolean| commentEditAble object| googletag object| pbjs function| screenArea function| parentModalClose function| reactionModal function| setCookie function| getCookie function| holyCheck function| getUrlVars function| infiniteAds function| isNumber function| closemenu function| modalUi function| closeDropdown function| fillElementWithAd function| loginCallback function| smsSendApi function| getTwitterFiels function| tooltip function| checkUserPremiumPhoneNumber function| removeMemberLocal function| pageReloadFunc function| pageReloadClearTimeoutFunc function| memberMoreInfo object| google_tag_manager function| onClose object| viaPlayerCaller function| viaPlayer object| viaPlayerCfg object| google_tag_data string| GoogleAnalyticsObject function| ga object| _0x3c01 function| _0x5727 undefined| ReklamUpInterstitial_v2 object| sliderSetting function| sliderAllRun number| __oneSignalSdkLoadCount function| __jp0 object| _0xd1f3 function| _0x2b9e undefined| ESHREKLAM object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ccfg object| viapc object| viaPlayerController undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| Hls object| google_reactive_ads_global_state object| google_image_requests object| btags object| GoogleGcLKhOms object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_378363 object| closure_lm_934834 object| closure_lm_810594 object| closure_lm_64366 object| closure_lm_175259 object| closure_lm_548643 object| closure_lm_194184 object| closure_lm_454938 object| __VR object| __vrInjectorPlugins object| s object| c object| h object| sl object| closure_lm_21674 function| loadCMP object| sas function| Tapad object| closure_lm_537417 object| closure_lm_740301 object| closure_lm_400005 object| closure_lm_601208

41 Cookies

Domain/Path Name / Value
.ensonhaber.com/ Name: _hp2_id.1607650922
Value: %7B%22userId%22%3A%224594375498440158%22%2C%22pageviewId%22%3A%222147255854627238%22%2C%22sessionId%22%3A%228434641818588339%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.ensonhaber.com/ Name: _ga
Value: GA1.2.1148706156.1662827804
.ensonhaber.com/ Name: _gid
Value: GA1.2.126161592.1662827804
.ensonhaber.com/ Name: _gat_gtag_UA_955423_1
Value: 1
.ensonhaber.com/ Name: _hp2_ses_props.1607650922
Value: %7B%22ts%22%3A1662827803770%2C%22d%22%3A%22www.ensonhaber.com%22%2C%22h%22%3A%22%2F%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUl2VImx27Qxv3057gKZDC05mO9UWDc0E3Fb6bS9a1R25s13M5kLFIyJc943Hzg
.ensonhaber.com/ Name: __gads
Value: ID=095b52e3c3be1ec6:T=1662827796:S=ALNI_MaV13XifxFpoSIl-ck-KbW3anFz2A
.aralego.com/ Name: sspid
Value: e44f318b-07a1-31f3-b051-712a5f38b5bd
.casalemedia.com/ Name: CMID
Value: Yxy9FvPC9zyPuxYf0hbRyQAA
.casalemedia.com/ Name: CMPS
Value: 5180
.casalemedia.com/ Name: CMPRO
Value: 5180
.adnxs.com/ Name: uuid2
Value: 5269304246804937597
.casalemedia.com/ Name: CMTS
Value: 1161
.turn.com/ Name: uid
Value: 4032021225022781651
.w55c.net/ Name: wfivefivec
Value: 2l9QlzVw1Ox3tc5
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVMgP?K8!]tbPl1M>e)ZlrFUfJ+tGXxo7:]l$xTDcZ<Z0ChwQlQYc<U<06Q<9O-X7^@!3If)y3KL9D3I?+_)Kk)w
.ctnsnet.com/ Name: gid_CAESEHINRvcsQd7_72i66VjYlTs
Value: 1
.lijit.com/ Name: ljt_reader
Value: FSzEsGZHa1qqruMqTj6ExZQj
.yahoo.com/ Name: A3
Value: d=AQABBBe9HGMCEFHVGTSxrXDeqHQcXT1YvX4FEgEBAQEOHmMmYwAAAAAA_eMAAA&S=AQAAAnpOLZQD-ffGU5MfOG5c9i4
.simpli.fi/ Name: suid
Value: 78FC73AD3F6D42539EE088F1F6092646
.w55c.net/ Name: matchgoogle
Value: 5
m.exactag.com/ Name: exactag_new_gk
Value: ec086581373c468f992bfa2f4b506779%7c09.11.2022+16%3a36%3a39
m.exactag.com/ Name: exactag_new_uk
Value: cf4864ee97d4421092a7200b21cf61d0%7c
m.exactag.com/ Name: session_session
Value: d2c7632817a948198213340a
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2734
.demdex.net/ Name: demdex
Value: 29935784406853414673967114894020976511
.skydeutschland.demdex.net/ Name: skydeutschland
Value: 29935784406853414673967114894020976511
.quantserve.com/ Name: d
Value: EDcBCQGIJ4EA
.quantserve.com/ Name: mc
Value: 631cbd17-c214c-88a72-48a7a
.3lift.com/ Name: tluid
Value: 4113736326942591244250
.adform.net/ Name: C
Value: 1
.ctnsnet.com/ Name: gid_CAESEBOp1ZebMAbDq5jBR12PQtE
Value: 1
.ctnsnet.com/ Name: cid
Value: a8826714e6134fa49592012e659528ed
.ctnsnet.com/ Name: gid_CAESEBBTzq-WmhF08VzqNAyNs7k
Value: 1
.adform.net/ Name: uid
Value: 6621642338974749300
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ef68398b-627c-42e2-a809-fc87a4c72628-003%22%7D
.360yield.com/ Name: tuuid
Value: ca5cff01-bb23-45b5-aed9-ac58facf3755
.360yield.com/ Name: tuuid_lu
Value: 1662827800
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ef68398b-627c-42e2-a809-fc87a4c72628-003%22%7D
.mathtag.com/ Name: uuid
Value: 60b3631c-bd18-4f00-83f4-95f290197a4c
.mathtag.com/ Name: mt_mop
Value: 4:1662827800

5 Console Messages

Source Level URL
Text
other warning URL: https://monetize-static.viralize.tv/viralize_vpaid.min.51b110b6.js?e=ops
Message:
Allow attribute will take precedence over 'allowfullscreen'.
other warning URL: https://2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEBq_CeDr3B-Rp4e0A-Yh734&google_cver=1&google_push=AehlK4A9vBxWmjxRL7MDlihR8yNOTaZdWdUu50UBTITvi4lVoDQ9V2PfkBAeUIlP4GjuTDc9_AzJg0fyk9Z-XJS6ZFUTjHurN2Q
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP2AWGzdW_5IVLYuikUmFKg&google_cver=1&google_push=AehlK4CYCd2DTFAchPoBgH5Cqc8eEEmEiiv5HWp9DpAMlbjd67N-KIcY06Nx6g7GWK87vv9oJE20ml1F0D_jCw3eANUERaC9xkG7
Message:
Failed to load resource: the server responded with a status of 503 ()
javascript warning URL: https://www.ensonhaber.com/
Message:
The resource https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d4e84bdee6d2512af1dac44a27c3c82.safeframe.googlesyndication.com
ad.turn.com
ads.aralego.com
ads.eu.criteo.com
ads.viralize.tv
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.heapanalytics.com
cdn.onesignal.com
cdn.ravenjs.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
creatives.sascdn.com
csi.gstatic.com
csm.eu.criteo.net
dclk-match.dotomi.com
di-j9ffzxea.leasewebultracdn.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
emea.hhkld.com
ensonhaber.com
fw.adsafeprotected.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
heapanalytics.com
hhkld.com
ib.adnxs.com
icdn.ensonhaber.com
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
m.ensonhaber.com
m.exactag.com
match.360yield.com
match.adsrvr.org
monetize-static.viralize.tv
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
r.turn.com
rr2---sn-4g5e6nsy.googlevideo.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
rtb.viavideo.digital
ru.hhkld.com
s.richaudience.com
s0.2mdn.net
securepubads.g.doubleclick.net
servg.playstream.media
skydeutschland.demdex.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.richaudience.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
viavideo.digital
videoapi.smartadserver.com
www.ensonhaber.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www8.smartadserver.com
ads.viralize.tv
csi.gstatic.com
google2waycm.netmng.com
s0.2mdn.net
104.111.242.245
104.18.19.126
13.32.110.107
141.94.202.176
142.250.186.162
151.101.130.49
157.90.0.13
157.90.211.246
169.50.137.182
172.217.18.2
178.250.0.160
178.250.0.162
178.250.2.135
18.157.110.72
185.29.132.245
185.86.137.114
185.86.137.126
185.86.139.104
185.89.210.141
192.96.200.41
198.47.127.19
2001:678:cb4:bbbb::11
205.185.216.10
213.19.147.45
213.202.235.9
216.52.2.19
2600:1f18:1aca:4280:c8cd:8315:7b13:5ece
2600:9000:223f:800:8:48e:53c0:93a1
2606:4700:10::6816:3f4e
2606:4700:10::ac43:28c4
2606:4700::6811:190e
2606:4700::6812:e234
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:64::7
2a00:1450:4001:800::2001
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:26f0:3500:11::215:14da
2a02:26f0:3500:c::5c7b:6805
2a02:26f0:ab00::b819:32c1
2a02:fa8:8806:13::1370
2a04:4e42:400::282
2a04:4e42:600::729
2a05:d018:d29:3602:7ccc:efc7:12f7:54b2
3.126.56.137
3.231.52.38
3.33.220.150
34.102.243.38
34.98.64.218
35.186.193.173
35.186.238.232
35.186.253.211
35.241.45.217
37.157.2.234
51.38.120.206
52.209.199.248
52.213.71.221
54.77.13.34
69.173.144.139
76.223.111.18
016750ce5101d8481fc0df7f49593b2139835594d7fa2e9fcbae9fc8792d87b7
01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2
053a545a2651da3eb3900d00bf4d2a71cd6963612e64bfac036ba55554b2672b
07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09fe7be89711f0dc0ba47ab8a1a1865df7b660a1f1359d29c4c3445683d2f61f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c427509acdc979bcd02880e9437dee4f5d04c6526f15f3ec4e9c2c4ea317f06
0c99c35dbdac68ec6be96f622b28c4ce35ee197a9f472951c8ed014c7d411e4b
0d782e0d957a825f22dbac3cd223537a4b428d1bdd6118eb8f18007ba6fa4c76
0e05b4d98ed4231ac519df0a3e2f34f5cc4f3e5ddb3cb2ae01c69deb66d76497
0f2330f987a2da35673f462475d18ad6e03481bdbe6106aa47dee1cc558fc0b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139bfcdb6cff975c37824be3c4f3b8bfbd6998e51d71f545e9b0a3f121243a58
14339ae457bdde5862b1febbe9a4dc64148ddc7a6b7aaffd806616401ad89b52
14bd20afa2c4c831d3897367ec0da9b84933e2fea3a7555cb6e44ef48b72ec38
16d34c1f8667bc3e63543a23327a6efa8b2ea05cd2428b91c591bd74d38bfc9a
17b252ac599bfe4dc972daf3720a9354e1ccceb97865ae8ad04a4ce47186999b
19896114915aa8f06a3d91bd73df159682b34390574e3ded71f66abf5f918ccb
198a88c55d054c510c8c5787e7a11c0d980408626d8d2a8b40c3219b09705523
19c86d5ed205456df7cd9d104b3ef8133f013bd4b4b172b765e55019dd8171c6
1adc36821f624d1d53c5d8f1fa7023687e1ddb9daf2067e490d3f103ba92c91f
1bff76f01afebe871b033ba22af389016b9d57c0336d95e4ff401186cdf81394
1dbb113405cd6745c0a638621883ac3952d4a049bf0a45dc0dea6a0baf1d925c
1f1bcd1e601687bdc5c2c84ac1616cff05cb81d0710fbd05b99431716a7060c3
205038d18f4d6fe8a088268c87982c3054b4672207f66b325c8cd413f9ef7500
209213a170ff4975bddd6da1bc339d254a0b7bc6e4a82e2136b68d909d740ca6
2189e6415b14eae03e18a566589ed9d1707a8b65b37f3ddbb206810fc95850d8
218da4ed05befd3bc59b7f5a39a4e226d6bda58879585580fe1fe5b5608bcc4b
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
21c37288ae94b96682ed1d36061e11f75d971c49602ef1f4bbc9c85ebb1d787e
21f4c2abe4c49dfe9857ea69cca014ef831743b2146fdcbaef7afda4330dad00
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2511d74e61762babc44421f9556652351439f4d0bfae9484256b0abe7fd898de
261d64c4a04df3fb3a68d5addabe393c4578e079706a30605524f50ba363c266
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
26fd7a2ea25de68d06c47869f9df238570421f892dc63e84127d527e68e7f678
2765406bd983cfe2a483f159ebaec3921d356b3a1e7d0ea6e592d3b3bb64866c
278b8b2771a645d8a1a42cdc9821bfb5d1eb04907b7a417dc17b643337c91896
280bda623126ffaf025bd0f817b06fb0ab806ed2ab74e0ba5879478b2f9732c8
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d
29fc477d1c597fb52695a779fa91714aaa122f48482d9cbd1db0acc6ec9d3332
2adede7013921793ceb1a472f3d0b3f5457d645fb76c2299f3c9e1d74a1bfd43
2ce858627aaf09d4ab2c80c682a5e1fdcf792b629c2548875773d6ad2bdb7b5c
2e4397946c5ed010a692d0fad2f0c3d9a414daca6e024165d28e714611010c7d
2f2c5808d5b011a748123d300c0968233b5dcb935d84b68d38e307d74c27df1f
307344029b5d70bb3601e400cbcbc77af2e10276ffc21cf896ba235506d3fa98
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33c00c49eeee7278178a46aaeb8c882c9682426d655f5c1d14c5b3efd37c3cee
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34be2197bfd59c3ea211cac38bb35369af43a05cc5165dfa260b62eaae17203e
3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093
38db0cb0e815c249f55f1161112b800fecc05036da4782d9eb71db0dd7d6b9b1
3b726ac394d33d31a016f5066c15d09309936fe869c04b1f50bc4ccff69aa595
3c3c917f4f2fec833b3b61e610a5ef7bc6ea420a3e35a165bca1c1d2cf61e30d
3e0e99c1a51d63ef063dd071c7b1c74e5ee30a94178277e1bc14ff65ae95e6bb
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3f151bf16b7997aeede2785c0429d85e72d3f21dce3df31de83877ab523a2a85
3f8c05df0ebaffc948fdcfe7bc0959973b77dded7686fd53abd3f5065c4a03ae
40e58769ef5895975af8163ae118d5dd1e22e13db057aeb981fe58cdc8fb0ac3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e116408bfa7d9083f65c2cf6ab6ee7047e47d19120c9100f79e43f07c22e9c
432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46cd95e4b2415a7389d4c412c709b2ef52f3fcab03e26f7194461f05f46401c6
481107d3803f4977aa16cfa922c8e27550efe121c39a3b542ee9539f8d84e60f
484a4b402a62a06a25f3a082dc3f98248c3a2286901ea59a97ffe82747ee81bc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49dab92f71063cc51cb04258af65534640d70373d2d06cdceb31606e95960d17
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bab0374cb07437b112968d3c46ad3d8fb07de4b48419f70b069d19071d0c9a1
4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ededfb57e10f8b2ffe84c5908981578d9ca1e295a2cb28ea8b3e12982c1ae66
4f05a8e700da21d7fede78c4e10ff4aaa22abc057d2bde36532d4cf901ba3e87
4fd7b9202c724c3a5ed74236fadba8725a187eca066f72b35ac6fdc5fd52b3cb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555b02b319dc84bc1b0caf55a6b7b1c0f67f23fc1053d6c09cc322663b73b48e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3
55d5499abdc043e57bce8c682aa74e758baf9613423d238414a50526d6998678
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0
5b5df1f72502ed39fea4846668301152a7f02d3daa510e46c4a866ebe1ab912e
5be70d5a1c0d7389edf9c44dfb579edec6593116194924abb6ecaa9ff75ea4f4
5c652db26243cdd0d822e5a11f193c7f38be28d590d51aac6a4772983d1fc25e
6029688f62f390194116468c38dc24dd9635ce6d10e314ca4c6f26721450893e
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6358c05506dcb56aac552b0fe6b46032c308e108e22b832e5df1f4f3487c40d3
64881f6fa2cc19b0fa18ddcce5015f761ec8052be5b12fc0b86755701f0e474b
6787c997fd3be922e3a09fea77ecd244b9f9f381a953cc4bb3ea738045906eff
68db6d031b7ef4a7bc0236aeaf6ccdcfa5453fe4eeb2bdf89ea1ea925a6a9269
69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6a6f143f04c36af783a86b904cdab8891dc7efe0524221096f1a97ce5ba23e58
6c78ecbeb616994fe99378f6f1399a53b5e439090176e6bc4dc7623f3566f5b9
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e5f1317cc82513c64ed99253fb671fcc6d6b8c5078776a38d7f89da22e75d2d
6e69ec8f9a7c99835a937757ad1e9b4c7d08ef7ed97320c6c5787d35b128d0c4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c193fd04a259ee2e4a63e6176a1dcdb7ce0974a2eda02a316b4256e0e0cdeb
75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893
75f2254821b1ddd7646b7b47b4a63f06a59aae60387087d812be2fb188640c17
77eb0cefb94e20ce8b1a4e184bc59c741fca09c3a5bba297d7dbcbd0a4ec2fa5
7c75acdc41786cbfd0ff4e455f868d0aaa0137c8c2d869b56293e94879b67557
7d80a4ce1277e73f62653ce5ef9935a1c1bbbdc1a4a147c729440adc8ad34476
7eb6a3806ffac25e0ad087b61d9037beb718315045746b1d4cc6f1983f39b678
7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652
81483d4e38915ad63f3721eb039085079707afbd140c428a404318c3a994a72f
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8769de964f60f800a04076134a260001b8b30662bc7ef11482edf7616c729ff9
8870511f84edf65f9d82d73215744674c6f7dfff91c729da89f49b394b82d9e5
89058cf3d1914bb7d7d5286f79d8de9a868fea9733286649be7677f5f47b234e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c4d184391f9228fc5b643c87a9f17cd4eef68dd31289fdabd38e8da6aea6fa9
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f03524fcc1c423e5375ee91780af2493c8f24426b5b85b058d0a3fbf76fcb34
91eef6a391bd49d97e103598d44ec3b92cfcd47cf5af39bd4f79929efbee5c98
94e031c4513e39f8cb650ebaa160ab947e316ed254acac7662fd38086d74b8dc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae4a5084dbca740adcb023de9cc40a4826e9e8a64e9a485364678cd5ba956bb
9ba8e154ec042287443dad12fb436ea6386b31a0af969b79f8f65cefde14e654
9c649782210be9ba4a220f1a4d38de62aded96f5f27b34023b310c5c0c4d2625
9c976c4a8c1655f63e6179a6d85c520ea2073b4d1249deb744ce74acd5eb2075
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10dc00f84c57e2f6def71503359e3769ae822a9222bbfc0156f6f2b0e17b443
a1142cc7eb916299c85182c8748abe4aace6055743fcf5021e9305de025b5b7a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ec586c9c199818e9d6485f143f9066769853a4eea52cc2575c396c21b010ce
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a36678f469e5dbf006f43c4e8dcc632a4d175f70cd1c7f8add1a98c6256e1aae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a2bbb25e35a3caadefa56c84d28b9ef2b2a4bd2c69b6d745a0a77e78a0806c
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a97c6e2b51d6fe0804669754eeba2d599a10c16c56e88a9ff2661a742f7ebd07
a9aa179ff21c0526d6ad8c682d16f80b352bdbb63b66ff032136b3a90532da43
ae208e5179d847992aff8c7084bd4643f9b74a33ace58e49f908f21953e086cd
aea6e4fc64cbd4b2ab6a125656e4bc9024212bf672074d70b62f5a1545f97687
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46803048ab080b79584eec72e6aa9b95762f1a52614011fcbd34f05adc97989
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b63c7b7230f6b844b83563b7a9a34022e30195b29c02cb99d829a0256261e3ec
b8635106e59e7f4f9dccc927457eec202885925198fcbad28061393dfd16922b
b90d0a2d83ab6b64327c929439cd396fb2de1e59a42ff6f58a69dfe6e587dfa3
b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba5be4a1a7672fea505087f7f903c6ebccc85f6b3b02781e90a84b575872a73
bcbbbb98962d675c60e9100003508edbac9b05805408831f0bd7e9051b7839e8
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfc8f57087e5623cf58ff9793b6e1ca9758251baf048c4516b291c2b6812b3ef
c3cf8ced1121315171e299fc939557f99c4139dbd0edd81605011d534ed2358f
c5416216b0fe28010c8cd584a8385540ad3752bf10b51313a2cfd2a34a68bc1c
c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e
c81d385094258a16ed73e19cfef6b5ddd91ffcd692474281cc7b73b95f71a545
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cd3bac2dbc59f688a5fc94d689fa24dab8d9c5f8aa76c083c3386114fd0fab4c
cda102fdc78e36a46af3c6223b91bf8e0e15ef7ef1debb7567f57fb3b39e97e6
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06b912ffa427e50c099215d79e0a957b279411db011a4af71a2e5e02038a89f
d07b6c9f657d32bf379e8c8a028fe714522edfbd72bad04e3166d34efb23ec3a
d0850d695c89d961eace5283188c73a7517c54bcc151ae5f6d560654fa941e15
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d30182031cd7feb905a79698337652270afde5ed2cbb2de20e94ca1fd875b445
d39822582732ca429a2dc917f29b0af36e610864638235395b829779f815301f
d5696fbd0500ad96a624c4d61c073726c220d30c9f63a86174074009ab3a4172
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9ff528cbddc89a8a5bbcc6594e5c0892d6b552506e2235a224eec15ec2097ef
da664f1ed1b45deb4ad802ab0ff301ad6d36c8e5e30998ef685257e5aa5336e4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096
de27ab75ce01de2fd46b8d2140475b4867e557c884afafd4396eb3e6a34f0218
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1af2efbc388fa22d224ee6b551be80532f73578f00f30d7584116d408d36f25
e2ff77c2e935db9607bea54351b80b18327a75134bb471172ae69019cf3c81cc
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6cf68fc5c8593bd85e422a1e2959c22097c1bae30e95f144f91907d574dc36b
e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7
eb0b22e9113c02783652aafca27cd1a48262b16fb8accaf4e9ea3921aae1c260
ebb2026eba76b777cd1cc6d694a4609324304eeb1129a9fe0fb5a616590cc3ee
ec58abdda42a49abc60e1be89810c7dfe797583495b360ab8dde05ba10de4a16
ede7dacf32f12145006c83a0a641d72841522fdc688d9a05e34f1950a5a2ecd3
ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eee006501f1500273847c5d44efc6e96f67a9461e63911f61dbd5be3a4c912f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f21fcb04935fd38258f1e4257ff8d991e8dde2a623767d44f4ac822ff7e76711
f3e29586689c6d50d230826f4c244830245230bc68bea24c96481ced47d8ccbe
f4620d3adadbf1f44a5247075351303eaff08bfacdd13934410e8805afd9a421
f49215a65fdf2e4834dbb698e6f87d3941a7316e8db471f2d0d307cd02bc4e10
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f95d87ff561cf39eba9667e263fa1cadc96dd836a9b9b614e94d818f5df8fb43
fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79
fbc08716bf0cefb93b9b44ffaa0db4ec7507183ecd5f12143c79239d6baecaab
fe92612902a1fd04aab1ce31c70d4c6901a745d185d2f005060e49eb798e9e5a