edonmanor.com Open in urlscan Pro
2606:4700:3037::6815:1127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edonmanor.com/
Effective URL:
https://edonmanor.com/
Submission: On January 11 via api (January 11th 2024, 9:05:18 am UTC) from US — Scanned from DE

Summary HTTP 193 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 70 IPs in 8 countries across 53 domains to perform 193 HTTP transactions. The main IP is 2606:4700:3037::6815:1127, located in United States and belongs to CLOUDFLARENET, US. The main domain is edonmanor.com.
TLS certificate: Issued by GTS CA 1P5 on November 27th 2023. Valid for: 3 months.

This is the only time edonmanor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 32	2606:4700:303... 2606:4700:3037::6815:1127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eab0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	68.183.18.251 68.183.18.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.124 18.66.112.124	16509 (AMAZON-02) (AMAZON-02)
4	23.57.19.78 23.57.19.78	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.64.79.126 18.64.79.126	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.119.77 13.32.119.77	16509 (AMAZON-02) (AMAZON-02)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	18.66.122.46 18.66.122.46	16509 (AMAZON-02) (AMAZON-02)
3 9	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	3.64.142.32 3.64.142.32	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.215.121.196 52.215.121.196	16509 (AMAZON-02) (AMAZON-02)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	63.33.168.200 63.33.168.200	16509 (AMAZON-02) (AMAZON-02)
2	18.196.19.149 18.196.19.149	16509 (AMAZON-02) (AMAZON-02)
1	52.208.204.46 52.208.204.46	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.161.113.161 54.161.113.161	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1780	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:5a00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:f400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.179.7 15.197.179.7	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
3	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	35.168.180.16 35.168.180.16	14618 (AMAZON-AES) (AMAZON-AES)
1	54.246.43.192 54.246.43.192	16509 (AMAZON-02) (AMAZON-02)
1	23.211.8.12 23.211.8.12	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
19	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2.20.142.56 2.20.142.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 4	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 2	54.71.65.132 54.71.65.132	16509 (AMAZON-02) (AMAZON-02)
1 1	217.79.188.9 217.79.188.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
10	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223f:8c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7780:d98b:669d:3320:881e	16509 (AMAZON-02) (AMAZON-02)
193	70

32 2606:4700:3037::6815:1127 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

edonmanor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eab0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.18.251 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture2.analytics.hbwrapper

cat2.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-124.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.64.79.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-126.txl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-46.fra60.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.141 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.142.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-142-32.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.121.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-121-196.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.168.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-168-200.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.19.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-19-149.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.204.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-204-46.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.113.161 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-113-161.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1780 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5a00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:f400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.179.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.180.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-180-16.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.43.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.8.12 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-8-12.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.142.56 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-20-142-56.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.71.65.132 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-65-132.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.9 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad3.adfarm1.adition.com

ad3.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:d98b:669d:3320:881e (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	218 KB
32	edonmanor.com 2 redirects edonmanor.com	846 KB
19	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 ad.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	277 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 1190 static.adsafeprotected.com — Cisco Umbrella Rank: 988 dt.adsafeprotected.com — Cisco Umbrella Rank: 933	106 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	165 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	15 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	13 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	5 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	58 KB
5	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431 id.crwdcntrl.net — Cisco Umbrella Rank: 4038	25 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	78 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 2163 a.ad.gt — Cisco Umbrella Rank: 2414	5 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1623	106 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2214 google-bidout-d.openx.net — Cisco Umbrella Rank: 2217	785 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	76 KB
3	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 43317 p2.gcprivacy.com — Cisco Umbrella Rank: 21683	14 KB
2	adition.com 1 redirects ad3.adfarm1.adition.com — Cisco Umbrella Rank: 66033 imagesrv.adition.com — Cisco Umbrella Rank: 13077	589 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	130 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338	545 B
2	aggle.net aggle.net — Cisco Umbrella Rank: 29291	2 KB
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1919 lexicon.33across.com — Cisco Umbrella Rank: 2501	5 KB
2	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4398 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	9 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137 pixel.quantserve.com — Cisco Umbrella Rank: 1736	10 KB
2	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1894	311 B
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 1418	203 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	128 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	lijit.com pxdrop.lijit.com — Cisco Umbrella Rank: 5655	199 B
1	teads.tv at.teads.tv — Cisco Umbrella Rank: 5198	336 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3327	369 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 2556	266 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2532	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276	3 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4184	461 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	644 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1682	1 KB
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 5013	426 B
1	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2297	327 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 791	6 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1105	410 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 995	167 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1632	7 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	352 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2313	10 KB
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 152	456 B
1	hbwrapper.com cat2.hbwrapper.com — Cisco Umbrella Rank: 29770	258 B
1	gstatic.com fonts.gstatic.com	27 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 42133	183 KB
0	usbrowserspeed.com Failed a.usbrowserspeed.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
193	53

	Domain	Requested by
32	edonmanor.com	2 redirects edonmanor.com
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com tpc.googlesyndication.com
10	s0.2mdn.net	9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com edonmanor.com s0.2mdn.net
9	ib.adnxs.com	3 redirects cdn.adapex.io googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dt.adsafeprotected.com
6	gum.criteo.com	2 redirects static.criteo.net cdn.adapex.io
4	ad.doubleclick.net	1 redirects edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
4	secure.cdn.fastclick.net	edonmanor.com secure.cdn.fastclick.net
4	securepubads.g.doubleclick.net	cdn.adapex.io securepubads.g.doubleclick.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	id5-sync.com	cdn.adapex.io cdn.id5-sync.com
3	static.criteo.net	securepubads.g.doubleclick.net cdn.adapex.io static.criteo.net
3	id.hadron.ad.gt	cdn.hadronid.net cdn.adapex.io
3	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
2	pixel.adsafeprotected.com	1 redirects 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
2	www.googletagservices.com	edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com cdn.adapex.io
2	mug.criteo.com	edonmanor.com
2	oajs.openx.net	1 redirects edonmanor.com
2	aggle.net	p.gcprivacy.com aggle.net
2	p2.gcprivacy.com	p.gcprivacy.com edonmanor.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	btlr.sharethrough.com	cdn.adapex.io
2	targeting.unrulymedia.com	cdn.adapex.io
2	cdn.id5-sync.com	edonmanor.com securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	edonmanor.com securepubads.g.doubleclick.net
2	cdn.jsdelivr.net	cdn.adapex.io securepubads.g.doubleclick.net
2	www.googletagmanager.com	edonmanor.com cdn.adapex.io
2	fonts.googleapis.com	edonmanor.com 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	imagesrv.adition.com	9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
1	ad3.adfarm1.adition.com	1 redirects
1	pxdrop.lijit.com	edonmanor.com
1	at.teads.tv	cdn.adapex.io
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	id.a-mx.com	cdn.adapex.io
1	lexicon.33across.com	cdn.adapex.io
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	a.ad.gt	cdn.hadronid.net
1	pixel.quantserve.com	edonmanor.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	prebid.media.net	cdn.adapex.io
1	hb.minutemedia-prebid.com	cdn.adapex.io
1	g2.gumgum.com	cdn.adapex.io
1	fastlane.rubiconproject.com	cdn.adapex.io
1	onetag-sys.com	cdn.adapex.io
1	ad.360yield.com	cdn.adapex.io
1	bidder.criteo.com	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	prebid.a-mo.net	cdn.adapex.io
1	p.gcprivacy.com	cdn.adapex.io
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.hadronid.net	edonmanor.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cloudflare.com	cdn.adapex.io
1	cat2.hbwrapper.com	cdn.adapex.io
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.adapex.io	edonmanor.com
0	a.usbrowserspeed.com Failed	aggle.net
0	api.rlcdn.com Failed	cdn.adapex.io
193	74

This site contains links to these domains. Also see Links.

Domain
vrtier.com

Subject Issuer	Validity	Valid
edonmanor.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adapex.io E1	`2023-12-25` - `2024-03-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cat2.hbwrapper.com R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
*.gcprivacy.com Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
aggle.net Amazon RSA 2048 M01	`2023-07-30` - `2024-08-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-11-27` - `2024-02-25`	3 months	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
cert2-prod.aut.a24365.net R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://edonmanor.com/
Frame ID: 27DED1051CFA28D0A26CAED7F6E038D1
Requests: 112 HTTP requests in this frame

Frame: https://edonmanor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 106B0F5BB28F244691AD3420B4B84F81
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=edonmanor.com
Frame ID: F87B74CF6A06F589D57DDDB3238375ED
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7D2AF2652479EC1718211B9C97119E5A
Requests: 1 HTTP requests in this frame

Frame: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5D1A5E6A41902CC706451DB0655562C
Requests: 1 HTTP requests in this frame

Frame: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DF86A490297F146DD6C65B5B665066F
Requests: 3 HTTP requests in this frame

Frame: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FCD5FC53D62F09721659FDFAF7A1529
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEKuLn-MCGIuInIMCMAE&v=APEucNUjaCyD7RQjgx0T81tBJ1VgZ2u5rI1lVkq4ztC_9DxbbHdqyQu-kxB8uK8zEBr1s487HZs3aG-bChDjPSHaVECEsTmK2LSgXrIEHN0FvmM5RGgfJnHdzRuqCEhx1dv9y2nTUePeaYQ9__fNk5WdSUr0UiJ02bWrpM5xsna_j0-HIvvdVkwMmyBR6EAhWNt8jXnuWdIEGm9P6TihbhXENp4Nmb1k1g
Frame ID: 9E5850E32274E7F79E7DEA9706344FA6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1DCE5509D45E5D0BCDE9FC2B80DDE743
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjv8576ATAB&v=APEucNXHVph6fuMkuzcKZ5CePTh1oUpZRAg2S1WKYm8HV7BThKKscNNB21OdB_nh8k2qRcJNJ-9ZzzrEEyKnky80edYuYYXAtvB4vIH-kkX9yU-S1ekcxOS9VDcsi07TxgzyGiBD9g_DK40tDNqUvoTFAPUIjJPyyFBeH2ONpKp8sk3aW_KbwtrX6BH7nsan8IntpgB1H-z_81MjGjjtFXlt-DpO7zSvrw
Frame ID: 7EF3F4281C7120E9DCABBAB4F25E641C
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=edonmanor.com
Frame ID: B1CA8CE8CFBFAB2330235741F95BE200
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 35A9F3052F29ABA79BD964FA3C6A7325
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C491539F956E8AD9C749DA6220E257A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B67E6EC1E2795035C9B5BA087099D187
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9C876201D158546745C0C4B8AB7B46B6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
Frame ID: 92620ECB544ABA7D65714FF38519FE7A
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9E891B8EA9B767A93F80563DE0CEF09C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Edon Manor – Elegance At Your Feet

Page URL History Show full URLs

http://edonmanor.com/ HTTP 301
https://edonmanor.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

193
Requests

91 %
HTTPS

43 %
IPv6

53
Domains

74
Subdomains

70
IPs

8
Countries

2538 kB
Transfer

6177 kB
Size

37
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vrtier.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edonmanor.com/ HTTP 301
https://edonmanor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://edonmanor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://edonmanor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 89

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3Da25ffd0d-d18c-4107-99a4-69a22d75eb4c HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?id=3680210318319588292&gcid=a25ffd0d-d18c-4107-99a4-69a22d75eb4c

Request Chain 92

https://oajs.openx.net/esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp&cc=1

Request Chain 93

https://gum.criteo.com/sid/json?origin=publishertagids&domain=edonmanor.com&sn=ChromeSyncframe&so=0&topUrl=edonmanor.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jVtfrnx5YmcvUHplQzZTM25pRnZScVVPendLbUZRaXpCU3hncEZ0djhKVVpJYXM3MjJrWGJyc2J5RmlKcm1yandGb3dna1V2TjFmNWdaY3RjM095UjhLdTdjK2RIV3pZK2sxc0VOTDhxWHYxMld6c0psczdEclZhMXg4S3c3dERrOW81ak9GUDN0OUZoQmozNW1YYjRCTzhjREFQTXFmZklKRDdEQnRiRDdPQVVRWUZIdDZiN0NsMFFvYWFId2swbWRCRmpLUVFSK3Q2S3labnlNZlRvMGxHQ253cXRZeFdiNFM4QjUyaGl6RnFjbmhtRE5VOTJJcERFQkNQRjM5Ri9EeUQwazJ5a3l1MTdZNmhteDY0bjl5dmRuZz09fA&cppv=2

Request Chain 134

https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_pre=CJqs4sP91IMDFazHuwgdfoAEeg;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 135

https://ad3.adfarm1.adition.com/banner?sid=3622302&gdpr=&gdpr_consent=&kid=6122945&bid=18514759&wpt=C&ts=[timestamp] HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 143

https://gum.criteo.com/sid/json?origin=publishertag&domain=edonmanor.com&sn=ChromeSyncframe&so=3&topUrl=edonmanor.com&bundle=ZUzvTV8xM2lTYVBLNGZQTVhHQmklMkJkWXNPV0RhWEc3QlFhaTAlMkJOQmolMkZIRSUyQldOc3hMbmpzUnZTSjZNYm9VdkNtVVZVamE2TEJKanhvaFZwaGRmWWJjTkIzTXhBJTJGR1VYY0I0QWpxRDhXVGRRYm82JTJCeVB1azQ1RUppZnlSanBCTTlsMERlQVFpeWdHQkVpVnhPT2ZYdTVTbU42TFElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XtDs8XxDZXViNE95M0NqemhieUkvdFFsaUVwZDVETkxiUzUySlNnVjBnZmY1RWlIRjYrMzhnQ3daK2MzVzlQUVN4VGVlbWJqMzVxZlhJN00rMk1Scyt6di8xQzlJTnpNNHZTSTVBL0JHOTlHZHkzMGJJdCtmdlJwSU00a3VRUFRmTXViZlRGOVR1emdHcm1RZU1PSEEzc2FqTkNzblRCWEZVL3VsYjY1ODJqNW0rSmdMYzlBZExZSHlwemYrd1c2dGJoV1JDVWFvYUV2eGhhb3YraUowdE8vV051WUlQZ291MlJvTkNYc0NRYzlxeE4wT1B3ZVJ1OTFBODdjMVM5MFBvQ1lGRytqYUtOMUlwK3lTWlVXVnRoVUNMbWs4U1NqY0haYlBjQTFGT2V4KzVhOD18&cppv=2

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ.vSoB2fYBjLbu1xktCvwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ.vSoB2fYBjLbu1xktCvwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

Request Chain 182

https://pixel.adsafeprotected.com/rfw/st/1686316/75378114/skeleton.js?adsafe_url=https%3A%2F%2Fedonmanor.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fedonmanor.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:9904ec40-a386-e3e9-2f9c-4d8572e8eebb,c:YVD7n,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-bfd89cf9f-frxq6,rg:or,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:54,mot:0,app:0,maw:0,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:66,oid:88860f7e-b060-11ee-8fd7-96572fdb1f00,v:19.8.471,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

193 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
edonmanor.com/
Redirect Chain

http://edonmanor.com/
https://edonmanor.com/

146 KB
40 KB

275ms
239ms

Document
text/html

2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4a9c2c1194d61d725c98b8a30622e4ba68cb783d8754873d8953a74e2de0bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
cf-cache-status: DYNAMIC
cf-ray: 843bff1f1ee065fe-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 09:05:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://edonmanor.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXfN0RsY%2FdTrEzKbInYZ2o2pVWt4EN4%2FPcUmM8YWwTFpbDHwT18QLGFTupU7pubfae0FFt7YdJUMh9EvJsODafodoU2ArPr205Xxs%2Fp5Kan3gm0cGwHu47xADx6xpiTOMDDY2gHEDMgWgRy5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-mod-pagespeed: 1.14.36.1-0

Redirect headers

CF-RAY: 843bff1ea8bd382c-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 11 Jan 2024 09:05:11 GMT
Expires: Thu, 11 Jan 2024 10:05:11 GMT
Location: https://edonmanor.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKLoPHO1oV6oGP6oiKDJIIBd2Jrxc6Wzpo7O6g2J0noT7HNKWXYH1C39Nj9ujdPVEXyUEquYEZy%2Bs%2F1S7c9hfxa5zwHgF8GAc4iQttnWmR8R0sBPSbzG0ZgZ1jtKXhPYI%2FHAmbb3S4ROdYbq"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 global.css
edonmanor.com/wp-content/uploads/blocksy/css/ 18 KB
3 KB 30ms
28ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/uploads/blocksy/css/global.css?ver=97473
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef3fc21e413d328bdb61b0d0124c26123cbde36bacff3aae8ffbc7ba1b36498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 Jan 2024 08:24:33 GMT
server: cloudflare
age: 3408
cf-polished: origSize=18848
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a5amp85YvN7YDONEb9W3GX6A%2BJIyAHycg52kpuBAQXSRNdrNHWEa5wmIumubvLe9LuIAPtOFuYd08o%2ByvAS7fx9tuGy8kQ%2Fc2SxTcKmyYYY65MI5WnbDIgL%2BqxhpyXPAsh%2BRA0%2BMgb3sdLD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 843bff20a9ca65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
edonmanor.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 52ms
51ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cF9Fmr7at0Fogn%2FrFc7RHQjGAP40DU%2FREG2DO2MQqRASFFqBDKLdYmHlPVVEhT7Q%2B%2FW1kG%2F4G2NM76518040Rwj4dlUn2jw3HYuGle%2BGICIr2278An0zVlJInNnE3nM5Ycsq5V%2F96VEPBaob"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400, s-maxage=10
cf-ray: 843bff20a9cb65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
edonmanor.com/wp-content/themes/blocksy/ 2 KB
1 KB 33ms
32ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/style.css?ver=6.4.2
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de594072b66c086520a1f313b4f174a37070329da78a8600e0f84cca5f79d30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
server: cloudflare
age: 3408
cf-polished: origSize=1614
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsVkhOfVnM03Fgk7IZwvUuMQb5OIBq0QkM%2Fa1N9HYy0r2vvl0mzXAiMwYyVBHyOQuDlI38Bq390Th3rdz0o6e8tjyT%2BqFisI%2FTkJqHxPHXRUV6keMQSI1HFxOnz8EPVMxZs67sgPfEHmPPcY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 843bff20a9cc65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 171ms
61ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Jost:wght@400;500;600;700&family=Amita:wght@400&family=League%20Spartan:wght@400&display=swap

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fac330ba87aac879a5fa2f26da14905cf3d7cba62285b608e1190d33fda610ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 09:05:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 09:05:11 GMT

GET
H2 200 main.min.css
edonmanor.com/wp-content/themes/blocksy/static/bundle/ 97 KB
19 KB 33ms
32ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=2.0.14
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4877b4a0b89ba592086a0173c926e5e8631c64fa8a9381074bcf7e0213f2c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3408
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOCUqnTRY%2Fo4m%2F7sNNDsZRpUkoVU5NxpekSLdYf47S0fAfS6Z3ncx4augXQjaw8C2G%2B1BO8rd3Kq97aZdaiNxwHg8y2ee025hmBF%2FhnadOqCL1LEC7sPgGEjKvOSvOa%2FlND24uHo9lYlHdlq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 843bff20a9ce65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 page-title.min.css
edonmanor.com/wp-content/themes/blocksy/static/bundle/ 1 KB
782 B 30ms
29ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/page-title.min.css?ver=2.0.14
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372d61c2521df84f02ada52ec1ae000a9b641068cd36d0f90badee17ca7bd7ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3408
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Omv5Lh%2FhWq2F610NZJ0phRfnXKd8acSHBJQK3hpS%2FP9Np24b2Sq6lL4YkJ6HCZpSCoNTJXJJuT0V7zr%2FLLpnLwmQQO5nFq5cCfe0rh3nTehfX%2B%2FyfKBDfnSQoIt5y7iWjCWlQ1hrVxi40z%2FS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 843bff20a9cf65fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sidebar.min.css
edonmanor.com/wp-content/themes/blocksy/static/bundle/ 3 KB
1 KB 31ms
30ms Stylesheet
text/css 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=2.0.14
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19100903102b04fef880e5a83c3362e5b48e596cb95007eedcd1946d36454f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3408
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQmSXDoxLlWqXw4vQnLZ9xqU8iTdqt1XC7fc%2B6Qk65j4BPJvlSfZl1a08qETFMJyYXwoGaZdHDVxLhQHIJok2GKCR94f77xYFsYrTuvlG0Q7XkJETYd0VD2nQ9fe3Cf542O9aGkAHVW5qEsh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 843bff20a9d065fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 175ms
63ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=252758965

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d9de8d9b25f632b10096c516c27ab9bed75e2965589a4485e7c83b55c4e48e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44341
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 09:05:12 GMT

GET
H2 200 aaw.edonmanor.js Show response
cdn.adapex.io/hb/ 591 KB
183 KB 104ms
49ms Script
application/javascript 2606:4700:3038::6815:eab0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a509c3a98e421391064c01999a1a9bdb347444d475cbf64edbb29af28ec34cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55895
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 10 Jan 2024 14:50:45 GMT
server: cloudflare
etag: W/"659eaec5-93bc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnU%2FRs6hvuO9V2MERFflkhY3Gb5%2F4Xy5X1nbfqSK35DjBwKxFU6CGcx1PJOaXfKeysxW2GSySFsWajNkyAhGQUwRVjR0MPDlhjaVevE0e%2BDCfeQBIfRzXIVh638TEUaiCY1rpfKmexH6%2FXj5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 843bff220d5f63ea-LHR
expires: Thu, 11 Jan 2024 17:31:58 GMT

GET
H2 200 edonnn.png
edonmanor.com/wp-content/uploads/2023/02/ 6 KB
6 KB 49ms
48ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/02/edonnn.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a1c63b591eb5f854e83a1c183cc007553c8649ce570724dbc77d05b29750615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjwZxOFETIW8wtKe0gf70vwJjjZAYrHdQrnGCHDZYjEgHcYOIW8eePOR%2FCBIMqXZmU868BjxdM7BrRfsNLH8f0A%2FBrEo5dp1Ot1miUcHYhRZWbYzpRTHzAmzNTeWdhQ2O45KcJR9jv2M6YIW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff20a9d165fe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6179

GET
H2 200 jquery.adrotate.clicktracker.js Show response
edonmanor.com/wp-content/plugins/adrotate/library/ 199 B
449 B 47ms
47ms Script
text/javascript 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 16 Dec 2023 04:57:37 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=365
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlu7A5p7IQVYO2JOcmzqBoQrrVVt%2Bg5zwHT73K39k9QuCi20N%2Fm6xV7EWdm2WQzaYt45Fh2ScCqvuCCdcq%2FbIS6FpAqwfh2FFmHeBa1vAz6KBSAHAWJVUpRePIIUvvgA662gnd5LUGTdfKjT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 843bff20a9d265fe-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
edonmanor.com/wp-content/themes/blocksy/static/bundle/ 32 KB
9 KB 40ms
40ms Script
text/javascript 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.14
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d97c4713c0a665a8bf5fea113202a46cdd194e41f2cf885995f405345143c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=32437
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWLP9K1NwhVUj0Uq8%2Fs%2Bx0BCvmNA%2FUOJ78bGmdenIBnYjGfZvBGaLzAfrBeQudgJ10ChFXt8a9nWlPIdIKk%2FPkR8YkaeoOw5sX3LRo30EL2tgJrO89FHWYW5SWRxo%2FXF4K3fDTWF6rlEkhCv"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 843bff20ebbd41c8-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
27 KB 162ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Jost:wght@400;500;600;700&family=Amita:wght@400&family=League%20Spartan:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://edonmanor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:57:05 GMT
x-content-type-options: nosniff
age: 187687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 04:57:05 GMT

GET
H3 200 Nurse-wearing-HOKA-shoes.jpg
edonmanor.com/wp-content/uploads/2023/10/ 82 KB
83 KB 75ms
73ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/10/Nurse-wearing-HOKA-shoes.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2514d000eea26a3d1b2fe505419e6636ab9030d03fb5fe524cbf2b4e495b0bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 18:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjpJFT6SF597mgz113A8MMgilhnpKEp2LRgoj8%2BwUudyDcrlwN2eKvWVao7ZFBzK2xHCOt%2BKhUYjmQMeTgN%2F8tJRcyQoctLLnmL7Ns9u%2BbwhF%2B3KfYjH%2BI6l637k9Vis86DfKE%2Fsi0XXDZXl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc3a41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 84271

GET
H3 200 where-to-buy-hoka-shoes.png
edonmanor.com/wp-content/uploads/2023/05/ 38 KB
38 KB 90ms
88ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/where-to-buy-hoka-shoes.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42cbc6c3fb29a6570fe9ab29a13852a61c8a9cb9bf4cda12408079b199998c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfN%2BwSKGXw25yw5nsdE5aFZJtPqz%2BcFJll%2Bv1Yxwhc4eI7Rsp8jEqZoMxwmy%2FrblNskWILMiORMyEEEk68CyJgm7yTTJjAWHz%2B2syq4Cie3RqpkRh0AX%2B5xFIOhIGFvG4zBvaEZgVkilav%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc3b41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 38420

GET
H3 200 How-To-choose-Hoka-Shoes.webp
edonmanor.com/wp-content/uploads/2023/05/ 24 KB
24 KB 91ms
89ms Image
image/webp 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/How-To-choose-Hoka-Shoes.webp
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb0076d5efaa169e7449ff8e49406f4872d6aab423d290a676d719a75b2b6603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9X6lspVVmhgEVWNMbmOxXsPGU5FrUMMqryC9W9jwqJLzlnvJlNzdA54s3luTJcXu1amAnofDH%2Fx6IZZCF%2FCLMCdNZWNiStdPJD6oDV1ykaO%2BnrTCWrA%2BGT48RK%2BLmIiMHOxWkaZknmy60ka"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc3c41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24242

GET
H3 200 shoes-for-knee-pain-sufferer.png
edonmanor.com/wp-content/uploads/2023/05/ 104 KB
104 KB 61ms
58ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/shoes-for-knee-pain-sufferer.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db130066c40411769ead227b3226c6e5a58d35c7829a4f19e433743f902b5b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b2BAhv69yHs8ljH4m9IbOuAQlqZHFOfhJKTP2xjpIp2PIajoGsP0hVT0%2FEIkUnIeYUr01cdQtEnLlM6M4ke0AjVvUhNsJqCKIbAloxiYRYS4FMgijBY6LIS5%2B3U%2FmBDnG0ICJu8jISChngx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4041c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 106237

GET
H3 200 Hoka-hiking-boots.png
edonmanor.com/wp-content/uploads/2023/05/ 52 KB
52 KB 104ms
101ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/Hoka-hiking-boots.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec97079c53f7fb89d9fa806d5765d01895b8036bf1aa86ef7fa1777216b9a584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjfZ2ORjYdbrqQtB8FfHnRT3tvMbqvxxwHHT1SNzAhFAHMsJSwwJkzmMYrnSPFnGdP43j8%2BWfnE4BZuV3WGxQp4abxK0OYwTuNjri2%2Bl7TcSFePGZpYr673WWaVoB0%2Bl8cOXBxcHCmDsNY8e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4141c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 53265

GET
H3 200 Hoka-Shoes-For-Plantar-Fasciitis.webp
edonmanor.com/wp-content/uploads/2023/05/ 32 KB
33 KB 105ms
103ms Image
image/webp 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/Hoka-Shoes-For-Plantar-Fasciitis.webp
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ec6edf3a3e1cc1c8da987af1cf5ebd654d1523064ffe10f7c7d215a0124811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlPYIwVQUAqhtjCjWGfG67SswVxwKhcllWqzZzOjd5OIIfeLqAuM0ovNlOOlNWP2SXTRjOXwhdlZQMsv1S%2Fnhyo6A0LQnY8V08QiW7be5BB4ZAkwBl9q%2F29gsmWAt0JKAgB%2FXJUY%2BVde1yjI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4241c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 33000

GET
H3 200 Best-Hoka-Shoes-for-Overpronation.jpg
edonmanor.com/wp-content/uploads/2023/10/ 76 KB
76 KB 106ms
104ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/10/Best-Hoka-Shoes-for-Overpronation.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a31fb59823f28fc059a1d5a701c7e0bb74dd2c6bc0f0b76cf4279260e4118ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 18:36:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYzG1VaPwVwRtuEYOSa36HS5d9MlW%2F4LRIqHdRBLZEnwrTtSmsEU%2Fm8SSgc9%2B7CZZAPuswR0NjzPYjJm12pa2f7AuGp9iZyTv3OxB%2Ff60ifowKmvE1Jl6ITxcWtS1bT%2FP%2FxH4iefhiCNqcXp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4341c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77814

GET
H3 200 HOKA-Running-Shoe.jpg
edonmanor.com/wp-content/uploads/2023/02/ 46 KB
47 KB 117ms
115ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/02/HOKA-Running-Shoe.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8934a17fbe891605b360c74a9c1222b5c13b80724c5b66a18c37273dbb825599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FziLRK6PMhisD1DIPoaWLUl2V%2ByxGXT9ynPVhQqlgYOg60tlB33zCwY%2BYmV6yV36POELB5QMaBOlwTaUPV45lql5vd0PjLKk7YSuejcYfrDgrTZr%2FXsnNrarYKvzQpVsmehhCgpM1oiXDJZw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4441c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 47482

GET
H3 200 What-Color-Shoes-Should-I-Wear-with-a-Dusty-Rose-Dress-1.jpg
edonmanor.com/wp-content/uploads/2023/09/ 71 KB
71 KB 118ms
116ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/09/What-Color-Shoes-Should-I-Wear-with-a-Dusty-Rose-Dress-1.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12d2d3fe7a77cf9221dc746415bebb5cc2259cab53d31e1f07de1b8bd344da6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 18:49:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEDf7o48ckoYgg7OdkI8CtfxeS9ZupjGsMNyQMH7EUp4Xd09FlLKV2lyQeZigfZ08g8SG1awA7WESjLZk7mhXKWUiJAFJgX3ULK%2F%2B1uiZId0EboCi0pG8DKssz%2FXnq9gRqc1V7x5nFDUfnj5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4841c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 72597

GET
H3 200 What-Shoes-to-Wear-with-ABC-Pants.jpg
edonmanor.com/wp-content/uploads/2023/09/ 86 KB
86 KB 119ms
117ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/09/What-Shoes-to-Wear-with-ABC-Pants.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18786f4678a0fcdcb54513aa12955d28408733bfcb20582ec10eb73fbeca8173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Nov 2023 18:37:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C7t3ex3acbM3Os9Ql5Uh6H17rY5Nqkpoo7Sh0MWxpplYimvQq6zFMc%2BFxYmT1de37yA%2BAXvWz1u8ngeQ2ga0v01SSn0SxLULwlTBOaD1y9Lrw7sKmdu6svFgUVPUH6p0QRhdaXA%2Bj6dpDku"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4b41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 87580

GET
H3 200 Nurse-wearing-HOKA-shoes-150x150.jpg
edonmanor.com/wp-content/uploads/2023/10/ 8 KB
8 KB 120ms
119ms Image
image/jpeg 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/10/Nurse-wearing-HOKA-shoes-150x150.jpg
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab49270e2fe531af03fbd808d688426c49bc384c142409c41bcaf47d619f500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 18:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3ZwWJVlC2EV59zFXxSKLY8vwr8%2Frrb66x5S9kEXeU0Er5gJxpf%2BKa%2F04sfFq86fTf4BvyB0JgIQUCoDQxhSzqp%2FOaT0lbC1J2%2F3uKomJYGOe4rREQSx2nwXAT64bXBJl4TM7tvWNnZfQ1wP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4c41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7698

GET
H3 200 where-to-buy-hoka-shoes-150x150.png
edonmanor.com/wp-content/uploads/2023/05/ 21 KB
21 KB 46ms
44ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/where-to-buy-hoka-shoes-150x150.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ece0eb9e132d85aa47dc012a52e64533a26348a58c6820434a57171970b4081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81jgSKcJDGiRL4bar3O2o%2B34p4hPCmEjJ4YiE7Z6p6BW9BZtD21dPKEGd6lhSiDdZ8Y8ndQOXNn%2Fa%2Bfb0j5AsFTuedyI%2Ft7hT39isZnQdyj44WnDq7oGWaLA45DeldWu5Fbd7RNc%2F3jfHpJo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4e41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21106

GET
H3 200 How-To-choose-Hoka-Shoes-150x150.webp
edonmanor.com/wp-content/uploads/2023/05/ 5 KB
6 KB 121ms
120ms Image
image/webp 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/How-To-choose-Hoka-Shoes-150x150.webp
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26988dd802ec64dc2efb2fc7f55f73010525d83c6e911a8d27abc2a605cea503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRTxbXXKQNOiv2bAD4hftC6%2F9Osdv6ppEmPrF%2B1OH4ODO72AOz3sjjBzOIBKYQ9RGj%2BPtZL1jf7W6Bt9l2qDC4t2gk847hHOteFGDzrFIit43Lc1J0stZ1bvdClPB6hOBi0qgxweENjlaqJ%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc4f41c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5392

GET
H3 200 shoes-for-knee-pain-sufferer-150x150.png
edonmanor.com/wp-content/uploads/2023/05/ 35 KB
36 KB 121ms
120ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/shoes-for-knee-pain-sufferer-150x150.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f7f40cc428b94599c355e7a5c28f1ac472fa05c956cdfd103ef08949db0b91f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7WGaPkobD0OvLEamYmYGEzRp7N44LRtXxfowpgLB9RzXCi2vsR0rWuQ4wmeRNEN0UhpjKx1GPfEB%2BM2SdOoAXpbmchrh%2Bvv0A%2BPYlWFxf%2Fmg2pn%2BDp8IPi2CEJh5ByLxdeyZ6HOj%2FHavwmm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc5041c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36261

GET
H3 200 Hoka-hiking-boots-150x150.png
edonmanor.com/wp-content/uploads/2023/05/ 20 KB
20 KB 128ms
127ms Image
image/png 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edonmanor.com/wp-content/uploads/2023/05/Hoka-hiking-boots-150x150.png
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13aaa75c7d30da07570bf66f4c2a2bce18dfd77ec7e6236a9c756014342f231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Sep 2023 15:47:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX101Ln0%2FZSvuyiJfYK5wUfxBP86VDuODS2mH3402S9uetS%2BHZ%2F4%2BeKsDw0gbHASC4CQw3X7DbwHen7YTNG8nJ17Cq8QlBw3DfRUVEumoJH4cNAh6NlOyEx1wKPffQmIikWmbAWzh7ByspaH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 843bff21dc5141c8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 20461

GET
H3 200 142.45e6cd68162e8468862a.js Show response
edonmanor.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 129ms
128ms Script
text/javascript 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/142.45e6cd68162e8468862a.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/wp-content/themes/blocksy/static/bundle/main.js?ver=2.0.14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e879fa34664eefa304af5da1dca318e39d37420dcdb18f334958e5af4f87184f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Mon, 01 Jan 2024 08:17:25 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVQV2JasdS18JaYnGcgO98t3OniN6jPG8Un5oheiT5%2FgCoQ%2FH3PAowUEd3vOdkqPepsK6p%2BJGfD9Sgy7sJ4FsK5BqQGOVAxUsYqUJncBviYjlvYJLk4L4gewVhnlvBj5XEaGRvpVwyUFLbPw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 843bff21dc5241c8-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
edonmanor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 106B
Redirect Chain

https://edonmanor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://edonmanor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

100ms
99ms

Script
application/javascript

2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edonmanor.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Server

2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a70514da7d3910a506603d478e4c74b70ea842f1b29341dc5bb3e5f580623ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrmCKisT0SWAGfBXJ7krgVBaTVyeKz7MUlqJD2zwQI%2BK0q1yUIwAq42DYL7bDNSlqdqrw9HymJ6mQWLd7p%2Bibp7AHOB9LNTuwo63Ds4tgCRGByNR9Hr%2BZAxYhDFU2ItTNIFuk2%2BF4WMvTUZA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 843bff220c7141c8-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 11 Jan 2024 09:05:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KO7WhEBDVPmJ3yJ6r7rXPArfy14LhKU%2F5z5oWvzkIQAvLVCsb9K0GIwLMkI7zSn82%2FiPLnJHJ4c87jdn9cXanVIgOeWl9Dm9a46wTakPkUUCoc4A4%2FCPcPThmdGSvmBXScRAfJX4sbIAL9Zv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 843bff21ec5441c8-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 843bff1f1ee065fe Show response
edonmanor.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 106B 0
548 B 2859ms
2859ms XHR
text/plain 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/cdn-cgi/challenge-platform/h/b/jsd/r/843bff1f1ee065fe
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jan 2024 09:05:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9HF1Uak%2BmpqA60pcGMlloe1uD8gj66V7gfxVk03aazw3F9Sz76Y%2Brc%2BvP3PoRuK8pCU3LdpmrTP94hWlEscDGsswjL0Cbg5WfEzwNrDGwNoz2ST8RAS7QshDK1lDis8SHeJG2a5kNGekFrf"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 843bff230d4941c8-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
edonmanor.com/wp-includes/js/jquery/ 86 KB
31 KB 63ms
63ms Script
text/javascript 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yZH749sUcBF0bzpLYcURbIVjGeaZN8nu0Y%2BIdziIvVF32UPR9rwcDyxRXptMLHgXfPXPOFhOLsLox6RKF9oPZrr%2F80Tc1YPIlAp8yFKsmh9ia1fRX%2BGrhHJlCQyZE%2Bp1TKJvTuOhxkEFk29"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 843bff230d5141c8-AMS
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK / Show response
cat2.hbwrapper.com/ 15 B
258 B 299ms
97ms Fetch
text/html 68.183.18.251
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat2.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.18.251 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture2.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://edonmanor.com
Date: Thu, 11 Jan 2024 09:05:12 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 321 B
456 B 50ms
15ms Fetch
text/plain 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66fc08b67f0878719ce275cd1d7bd852de3749f2840bdd5887c1b337d44facfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 843bff234a919b49-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 234ms
124ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

816e50e6068902cbb3457ba2b672a8becf1bff9e8f17ea719c1e6b71c95f2724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29845
x-xss-protection: 0
server: cafe
etag: 702 / 19733 / 31080366 / config-hash: 1407827963928654873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 09:05:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 42ms
7ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:54:51 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 622
etag: W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: utkdfHOajCfUxohp5044Ph6fmSG9d21OkD5v62cWzkAd1IZRNSuP_g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 341 KB
85 KB 92ms
92ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

987254ac9c7f9c47d9bf0ee80d13bceeebb1e51e346b61e712318a9022e327ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 09:05:12 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 48ms
20ms Fetch
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c5aa6d0357b62b02c6b097ded7dace2d7d73c9d3182ab4769d6d885d42df3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18259
x-jsd-version: 1.0.1931
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21926-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-srP1bsNqA2XeAw2UkOxOtrPZGo8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5nn62zMHUwZuC7qlupPDaao1Rhuxj3uRx4kvqWeBk9nqCfHDDQ01NyEVJ5ydPR%2B%2BnTGK2YXECI%2BdE7a43hESxvVGUX%2FBq%2BzUIVLLXkXe%2Fvhiblnos4MYw%2B74qe0M0AcPBlULiJ6%2FP6KzPWqr4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 843bff23586d993f-FRA

GET
H2 200 1ad7261b-91ea-4b6f-b9e9-b83522205b75 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
830 B 58ms
7ms Script
application/javascript 18.66.112.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-124.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ad7f6fe41dd709881e9b98267ab838582c8da1f29c1eac449b1b12f5de1abc12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:18:37 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 2795
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: C08SshE6zxs5I0_MCH9W_lQtxFZWupRkuzSQFlor3uqr0AlnWehseg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
4 KB 8ms
8ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fedonmanor.com&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 16a131c7b928ce17cee9b762ad8d7f8619e00830116320dddca775a2079fa86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 04:44:37 GMT
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 15635
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://edonmanor.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3242
x-amz-cf-id: JiFz79sGxe9xnhPlT1iGeGlwP1ghU__Lm1mon1_Hepa3uOgh-vl0hA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
date: Thu, 11 Jan 2024 06:45:14 GMT
x-amz-cf-pop: FRA56-P6
age: 8405
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: hgqSTThQllK14hkL2L7Wl6oE4rbCgXV-5V8ouN4FVsIts1WvK9kmKA==

GET
H3 200 jquery-migrate.min.js Show response
edonmanor.com/wp-includes/js/jquery/ 13 KB
5 KB 62ms
61ms Script
text/javascript 2606:4700:3037::6815:1127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edonmanor.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=6.4.2
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:1127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fi7BbRr9C2BKX1JNhJuRUuIkpjmy7c76zwYFEtxJzivgI1L3kQxqAyHAvmKMa91XLfOBIhrTFsg5ki8ny1IrnNRL9WjV7WHmUZwJAaYkGAV6TBh7CMHkG%2BqtmNGU4dHsyfM%2BBqfioooLaGYc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400, s-maxage=10
cf-ray: 843bff238dc441c8-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 127ms
13ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 11 Jan 2024 09:20:12 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 54ms
18ms Script
text/javascript 18.64.79.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-126.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 02:12:54 GMT
content-encoding: gzip
via: 1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
age: 24739
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: gwKYmGMhIJ3n9jNLNxS05tZ9KiHmw61s5-_hFi43lGpvqVpzPltEjw==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 56ms
32ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fedonmanor.com%2F&ref=&_it=amazon&partner_id=405
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CADRK6PEVBEZB5
age: 1085
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 843bff23aca0380a-FRA
x-amz-id-2: flKA/w3j/xi2gJ65jogAIT1IJi47Xyyg7sUYQQ2R7nOR/7B5jvPTNgJSLJ3NwqiCDc6W3Pg1WdM=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 50ms
23ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: TGD0Y06NTBJBX7GF
age: 933
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 843bff23bd14904f-FRA
x-amz-id-2: HcEa1aU09/LP87y9rRXIcsgKRW7o1mbK+zyswWxkpSUahJF4Pl+cAUJwUz0tNuIDPedCTP6IIwpWkl1ATQ5XuA==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 125ms
12ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Thu, 11 Jan 2024 09:20:12 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
460 B 102ms
47ms XHR
text/javascript 13.32.119.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fedonmanor.com%2F&pid=VLijdwx7kWIii&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22665fa256-fd39-4a0d-b282-ec961950199d%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Fednr_sticky_footer%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!adapex.io%2Cs3491%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.119.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-119-77.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P1
x-amz-rid: PMHTG9WZGZW50YXA8J28
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://edonmanor.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: SapbPKaxsz1yoUnCDh_fXAf1YsbQGLcrscu8siDl-nMzGkUtBzq5_A==

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 782ms
55ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://edonmanor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://edonmanor.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 11 Jan 2024 09:05:13 GMT

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 12 KB
13 KB 43ms
7ms Script
application/javascript 18.66.122.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-46.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac2db4ca2049d3eb3cc9d8efaef3d9e4e3012173b4df8f305a95fd4b596ae7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: QqQpJyt45fQ3T2KSAaK0PvM.LdXNyjTe
date: Wed, 10 Jan 2024 15:17:34 GMT
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 15:17:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 64059
x-amz-server-side-encryption: AES256
etag: "e9db0423dfdc3324289f8d82d6402ba2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12556
x-amz-cf-id: AVaIvaa0K7-uEuqUETR83jSEPEcqzRTXLs2yYk_Z0-kb0jVYwLgmvw==

POST
H2 204 prebid Show response
ib.adnxs.com/openrtb2/ 0
526 B 49ms
14ms Fetch 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/openrtb2/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
an-x-request-uuid: 909e4591-5dc4-4f90-a718-cd11d5ded292
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: https://edonmanor.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
352 B 184ms
134ms Fetch 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:11 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 119
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 50ms
18ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d7b28c32c9512cf3fbbaa3c4e6b91914c9531b12b4f31aeb540561a84a7c6d2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
an-x-request-uuid: effb4d17-8a82-455c-8eaa-af4a04be9cb8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edonmanor.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 13 KB
7 KB 207ms
165ms Fetch
application/json 3.64.142.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.142.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-142-32.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 46d979d1c9096f0ee9bea886d14216acc57d3f63fabc083d5729dc49a1530797

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 Jan 2024 09:05:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 6937

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 1000ms
970ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.28.0&cb=56995254402&lsavail=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 pb Show response
ad.360yield.com/1914/ 0
167 B 156ms
35ms Fetch 52.215.121.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1914/pb
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.215.121.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-121-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
410 B 90ms
28ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://edonmanor.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 78ms
50ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b38addbdc404414a4cbe7f910fef976db9f75449444d90742fbcb2dfac314b98

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
an-x-request-uuid: 7251eacc-f39c-44ed-a482-3109d075864c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edonmanor.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 9 KB
6 KB 239ms
181ms Fetch
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=525962&zone_id=3176694&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s3491,1,,,&eid_pubcid.org=6b64fc4d-c5a5-4e9e-a9cb-d7d9bab94373%5E1&rf=https%3A%2F%2Fedonmanor.com%2F&tg_i.domain=edonmanor.com&tg_i.page=https%3A%2F%2Fedonmanor.com%2F&tg_i.pbadslot=%2F22181265%2Fednr_sticky_footer&tg_i.gpid=%2F22181265%2Fednr_sticky_footer&tk_flint=pbjs_lite_v8.28.0&l_pb_bid_id=307e9d2a538b0fb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Fednr_sticky_footer&m_ch_mobile=%3F0&slots=1&rand=0.9359860955402115
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 69719a9c870d154c5ef24b5bc9116a9d2d7a9dee81335b17f4797d68980f4609

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 2 B
327 B 115ms
33ms Fetch
application/json 63.33.168.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1704963912288&to=-60&aun=665fa256-fd39-4a0d-b282-ec961950199d&pubcid=6b64fc4d-c5a5-4e9e-a9cb-d7d9bab94373&gpid=%2F22181265%2Fednr_sticky_footer&fp=0.01&fpc=USD&t=wzvmhpiv&pi=2&schain=1.0%2C1!adapex.io%2Cs3491%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fedonmanor.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.28.0%22%7D&ogu=https%3A%2F%2Fedonmanor.com%2Fhoka-shoes-for-nurses%2F&ns=9523
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.168.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-168-200.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://edonmanor.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
6 KB 201ms
177ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

526e7a239a5a444ac4ab802450f02d03dfd4b7c31e14ee7ffa3fbbb17a01548f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
an-x-request-uuid: 77c21701-fe47-4133-8fb1-7f3d98f1998d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edonmanor.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
156 B 64ms
16ms Fetch 18.196.19.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.19.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-19-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
155 B 155ms
109ms Fetch 18.196.19.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.19.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-19-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
203 B 42ms
15ms Fetch
application/json 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://edonmanor.com
pragma: no-cache
date: Thu, 11 Jan 2024 09:05:13 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11
content-type: application/json

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
426 B 147ms
34ms Fetch
application/json 52.208.204.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.208.204.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-204-46.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d71122eff7fb4c76ea96175fb415caad097cb88820ba02092b88fc03cbb24922

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
server: istio-envoy
x-reason: maxmind anonymous vpn
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://edonmanor.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 145ms
101ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 561df1b48e939ca4645539801a39f1fc746e465974ce6aed2f1cd6e582d4c67f

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://edonmanor.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 09:05:12 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 99ms
32ms XHR
application/json 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f2b3619b6a76c240f2dc901d47efef6a1a9f726d33aa578252c548b2dd4a5935

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache
x-server: 10.45.1.9
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 98 B
286 B 108ms
107ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=edonmanor.com&url=https://edonmanor.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fedonmanor.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4d394b6834ee9c3daaa5241742ea2aa225f4d0098759cde673edfe2e1b36c3

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 843bff24ecfa1e54-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 158ms
121ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=edonmanor.com&url=https://edonmanor.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://edonmanor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 843bff242bee1e54-FRA
content-length: 0
content-type: application/json
date: Thu, 11 Jan 2024 09:05:12 GMT
debug: OPTIONS block
expires: Fri, 10 Jan 2025 09:05:12 GMT
server: cloudflare

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 451 B
818 B 348ms
121ms XHR
application/json 54.161.113.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=6b64fc4d-c5a5-4e9e-a9cb-d7d9bab94373&u=https%3A%2F%2Fedonmanor.com%2F&h=edonmanor.com&ref=&ids=sharedid%2C6b64fc4d-c5a5-4e9e-a9cb-d7d9bab94373%7C&v=3
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.113.161 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-113-161.compute-1.amazonaws.com
Software: /
Resource Hash: 0c65abbd902a4029d80d7af27b68262be2d60b6e44ab91d74803ec980f3f7889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://edonmanor.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 451

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 36ms
9ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 18 Jan 2024 09:05:12 GMT

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 10ms
10ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Thu, 11 Jan 2024 09:20:12 GMT

GET
H2 200 rules-p-WFJsXCa9VD158.js Show response
rules.quantcount.com/ 160 B
644 B 37ms
8ms Script
application/javascript 2600:9000:223c:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-WFJsXCa9VD158.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:54:37 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 656
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Tue, 11 Apr 2023 19:39:28 GMT
server: AmazonS3
etag: "8451e96214684fb5c6ec4f91dde0548e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: q3No6TXixnEipRAjFtkNPCsFw5HkSBXpGqaLUuapXm67xGlMFNTPLA==

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
461 B 91ms
14ms XHR
application/json 2a02:fa8:8806:21::1780
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://edonmanor.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Thu, 11 Jan 2024 09:35:12 GMT

GET
H2 200 pixel;r=656657536;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fedonmanor.com%2F;uht=2;fpan=1;fpa=P0-11984869-1704963912384;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=e...
pixel.quantserve.com/ 35 B
371 B 46ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=656657536;source=gtm;rf=0;a=p-WFJsXCa9VD158;url=https%3A%2F%2Fedonmanor.com%2F;uht=2;fpan=1;fpa=P0-11984869-1704963912384;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=edonmanor.com;dst=1;et=1704963912423;tzo=-60;ogl=type.website%2Ctitle.Archives%2Curl.https%3A%2F%2Fedonmanor%252Ecom%2Fhoka-shoes-for-nurses%2F%2Csite_name.Edon%20Manor;ses=f2404f69-3187-4768-af3d-25a998b44ec2;mdl=

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/ 437 KB
138 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77334
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140647
x-xss-protection: 0
server: cafe
etag: 6083039351134279638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 11:36:18 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 10ms
10ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Thu, 11 Jan 2024 09:20:12 GMT

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 72ms
24ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fedonmanor.com%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49141ee895c8d35118b1d21d3101fd2cc6da7c950f0b8cf7921f21be726978be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 09:00:58 GMT
server: cloudflare
age: 254
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 843bff25e8f06ae9-FRA

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 54ms
7ms Script
application/javascript 2600:9000:223c:5a00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:5a00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:59:48 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: PnqqihqrMMlZ3-BzFcWUlhcfkI7_RjN5aG052RKzLSU1wLCH1s203A==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 35ms
8ms Script
text/javascript 2600:9000:2250:f400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Wed, 10 Jan 2024 09:17:40 GMT
Via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 85653
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: GM-PUiu3JTxDHu0IHCjr8WE-qpsbGdUpNpehNqwcRpPi4t_shbLVEA==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
28 KB 31ms
30ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: EZV6NW1WM6XWNDV3
age: 2833
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 843bff260f91904f-FRA
x-amz-id-2: hs7GhfxdK9LKmx/nVoza14Arg8e7uJPpJfYoaDypHkfYO8aT+LtOSBMY5fIRKmPxTFDnmQ3qaoE=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 51ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 04 Jan 2024 12:38:38 GMT
server: nginx
etag: W/"6596a6ce-a9b8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jan 2024 09:05:12 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 67ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 23:30:13 GMT
content-encoding: gzip
age: 2453699
x-guploader-uploadid: ABPtcPpPE0vjHLKkcxVClS2DI0WddWarTtH4PXBLpfLZCdHoTRe5ZF8OJcHVEwRa3mtthjLTXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 12 Dec 2024 23:30:13 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 90ms
35ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 66356e4cea048eb2d50ce985b3479145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 23ms
22ms Script
text/javascript 18.64.79.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-126.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
age: 12480
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 6utL2xGAJGZ7qfSv4tsqG8VL6ynrV0ef5ME15lJQU0PlkT4KQAxPYQ==

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 41ms
22ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9794
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTieKy45se8UpOkUUP3k6LecuVZlRCHED82iM%2F%2BKCsKpe0ZYurEZyiIAe3Fk8u37UdW6ffQ9ILM7e35BIBYH5sSuo%2Bt9C1AOfgkWOCc2%2FC8MvkVY8Fd3UzaVmcl%2B5pAmAGvK8rg5Vz4G%2FjZ0Y3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 843bff261f0792ba-FRA

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 64ms
24ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 46787
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 843bff264adb39d0-FRA
expires: Sun, 14 Jan 2024 09:05:12 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 32ms
32ms XHR
application/json 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 05bfd994b35f0b384e497b0d0c0a6519a99087088aa728945f35886a217c940a

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache
x-server: 10.45.14.201
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 js Show response
aggle.net/ 204 B
659 B 459ms
154ms Script
text/html 15.197.179.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=edonmanor.com&pih1=&pih2=&pih3=
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: d0c7085e7e36081c5551b55034c3690c14ef561b77fc17447e90c7a365bf93d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 09:05:14 GMT
date: Thu, 11 Jan 2024 09:05:13 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 204
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

503

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fid%3D%24UID%26gcid%3Da25ffd0d-d18c-4107-99a4-69a22d75eb4c
https://p2.gcprivacy.com/v3/id/xandr?id=3680210318319588292&gcid=a25ffd0d-d18c-4107-99a4-69a22d75eb4c

0
70 B

104ms
104ms

Image
text/plain

54.161.113.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?id=3680210318319588292&gcid=a25ffd0d-d18c-4107-99a4-69a22d75eb4c
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Server: 54.161.113.161 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-113-161.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
an-x-request-uuid: 6e4bc50f-f307-443b-bc08-dbdccbd8cc74
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://p2.gcprivacy.com/v3/id/xandr?id=3680210318319588292&gcid=a25ffd0d-d18c-4107-99a4-69a22d75eb4c
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
201 B 72ms
10ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fedonmanor.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://edonmanor.com
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F87B 14 KB
6 KB 45ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=edonmanor.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 481322
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp&cc=1

85 B
193 B

114ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp&cc=1
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 06a1ab381aa86e1ca868a9882a107fb91b8d5a1e1d7483fa597cfa0c55935508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:12 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-c1tVJeKvWrYqFcP/0RIFRghKE6w"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edonmanor.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 11 Jan 2024 09:05:12 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://edonmanor.com
location: /esp?url=https%3A%2F%2Fedonmanor.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F87B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=edonmanor.com&sn=ChromeSyncframe&so=0&topUrl=edonmanor.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=jVtfrnx5YmcvUHplQzZTM25pRnZScVVPendLbUZRaXpCU3hncEZ0djhKVVpJYXM3MjJrWGJyc2J5RmlKcm1yandGb3dna1V2TjFmNWdaY3RjM095UjhLdTdjK2RIV3pZK2sxc0VOTDhxWHYxMld6c0psczdEclZhMXg4S3...

441 B
652 B

17ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jVtfrnx5YmcvUHplQzZTM25pRnZScVVPendLbUZRaXpCU3hncEZ0djhKVVpJYXM3MjJrWGJyc2J5RmlKcm1yandGb3dna1V2TjFmNWdaY3RjM095UjhLdTdjK2RIV3pZK2sxc0VOTDhxWHYxMld6c0psczdEclZhMXg4S3c3dERrOW81ak9GUDN0OUZoQmozNW1YYjRCTzhjREFQTXFmZklKRDdEQnRiRDdPQVVRWUZIdDZiN0NsMFFvYWFId2swbWRCRmpLUVFSK3Q2S3labnlNZlRvMGxHQ253cXRZeFdiNFM4QjUyaGl6RnFjbmhtRE5VOTJJcERFQkNQRjM5Ri9EeUQwazJ5a3l1MTdZNmhteDY0bjl5dmRuZz09fA&cppv=2

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

68e6fb5c05b42b8dca545b8cf9438c8d8ba25f770b53a34f37d5c98fed1951eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1257565
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jVtfrnx5YmcvUHplQzZTM25pRnZScVVPendLbUZRaXpCU3hncEZ0djhKVVpJYXM3MjJrWGJyc2J5RmlKcm1yandGb3dna1V2TjFmNWdaY3RjM095UjhLdTdjK2RIV3pZK2sxc0VOTDhxWHYxMld6c0psczdEclZhMXg4S3c3dERrOW81ak9GUDN0OUZoQmozNW1YYjRCTzhjREFQTXFmZklKRDdEQnRiRDdPQVVRWUZIdDZiN0NsMFFvYWFId2swbWRCRmpLUVFSK3Q2S3labnlNZlRvMGxHQ253cXRZeFdiNFM4QjUyaGl6RnFjbmhtRE5VOTJJcERFQkNQRjM5Ri9EeUQwazJ5a3l1MTdZNmhteDY0bjl5dmRuZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 314087
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7D2A 199 B
298 B 69ms
20ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Thu, 11 Jan 2024 09:05:13 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 jsync Show response
aggle.net/ 1 KB
2 KB 182ms
182ms Script
text/html 15.197.179.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/jsync?pid=NEQ7KDHP5&domain=edonmanor.com&pih1=&pih2=&pih3=
Requested by: Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=edonmanor.com&pih1=&pih2=&pih3=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 15.197.179.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 8788ba4e9ed874db408e6ad1f9df6628ba384c6b185b73aeb6790a7abbdbdd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 09:05:14 GMT
date: Thu, 11 Jan 2024 09:05:13 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 1121
p3p: CP="NOI OUR BUS UNI COM NAV"

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fedonmanor.com%2F&domain=edonmanor.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://edonmanor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 11 Jan 2024 09:05:12 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 283732
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
248 B 141ms
102ms Fetch
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=8.28.0&coppa=0
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:13 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://edonmanor.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
266 B 117ms
14ms Fetch
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://edonmanor.com/&tl=https://edonmanor.com/&nf=0&rt=true&v=8.28.0&av=2.0&vg=aaw&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: 8e36e7ce2d718264cdf1194a40c8767443d71134277d4001d904a0482eb5d699

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
386 B 15ms
14ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fedonmanor.com%2F&domain=edonmanor.com&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 193676
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
232 B 17ms
17ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=405&_it=prebid
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd3a4d8bf0c729b06a3dc960854b7cec069097c4447ac6ce4606a1d18d8dd9b9

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:13 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 843bff2a1b651e54-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
414 B 30ms
7ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 204 any Show response
idx.liadm.com/idex/prebid/ 0
369 B 325ms
104ms Fetch 35.168.180.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.168.180.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-168-180-16.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 0
access-control-allow-origin: https://edonmanor.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: b5312077ffe1727b
expires: Thu, 11 Jan 2024 10:05:13 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
315 B 112ms
34ms Fetch
application/json 54.246.43.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17228
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.43.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:13 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache
x-server: 10.45.18.85
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
336 B 94ms
51ms Fetch
text/plain 23.211.8.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-8-12.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 09:05:13 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://edonmanor.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 11 Jan 2024 09:05:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 136 KB
53 KB 850ms
850ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3691184608092061&correlator=3560161562146275&eid=31080296%2C31080331%2C31079240%2C31080366&output=ldjh&gdfp_req=1&vrg=202401090101&ptt=17&impl=fifs&iu_parts=22181265%3A22697907561%2Cednr_gam_interstitial%2Cednr_sticky_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%2C970x90%7C728x90&ifi=1&sfv=1-0-40&ists=2&fas=8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1704963913299&lmt=1704963913&adxs=-9%2C0&adys=-9%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&tos=~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fedonmanor.com%2F&vis=1&psz=0x-1%7C1600x4059&msz=0x-1%7C970x0&fws=2%2C132&ohw=0%2C1600&ga_vid=991071354.1704963913&ga_sid=1704963913&ga_hid=114220865&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYweeSvs8xSABSAghvEhsKDDMzYWNyb3NzLmNvbRjB55K-zzFIAFICCG8SOwoKcHViY2lkLm9yZxIkNmI2NGZjNGQtYzVhNS00ZTllLWE5Y2ItZDdkOWJhYjk0MzczGMHnkr7PMUgAEhgKCXlhaG9vLmNvbRiL6JK-zzFIAFICCG8SHQoOZXNwLmNyaXRlby5jb20Yu-eSvs8xSABSAghkEhcKCHJ0YmhvdXNlGJfokr7PMUgAUgIIahIZCgp1aWRhcGkuY29tGMHnkr7PMUgAUgIIbxI-CgVvcGVueBIsZXlKcElqb2lObmcxV1ZJelpFSlJiQ3NyWkhBclVYaHRWMVJpWnowOUluMD0YruqSvs8xSAASGwoMbGl2ZXJhbXAuY29tGMHnkr7PMUgAUgIIbxIbCgxpZDUtc3luYy5jb20YweeSvs8xSABSAghvEh0KDmxpdmVpbnRlbnQuY29tGMHnkr7PMUgAUgIIbw..&dlt=1704963911767&idt=853&prev_scp=%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D3%26hb_adomain%3Dqonto.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.66%26hb_adid%3D463626749671b71%26hb_bidder%3Dgrid%26anh%3Dadhesion&cust_params=gcRTDTest%3Dfalse%26pbstck_ab_test%3Dfalse%26wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D500%26wrap_l%3D700%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26padpr%3D1%2633acrossId%3Dfalse%26amxId%3Dfalse%26criteo%3Dfalse%26hadronId%3Dfalse%26id5Id%3Dfalse%26identityLink%3Dfalse%26liveIntentId%3Dfalse%26lotamePanoramaId%3Dfalse%26pairId%3Dfalse%26quantcastId%3Dfalse%26sharedId%3Dtrue%26teadsId%3Dfalse%26uid2%3Dfalse%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26gc_bucket%3DC%26waae%3D1000%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&adks=2813791537%2C4045757738&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad622c490c8b2f080cdced825459ed26350c82eadddefc99af5287c1ec80ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54736
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://edonmanor.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5D1 6 KB
3 KB 238ms
89ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:13 GMT
expires: Fri, 10 Jan 2025 09:05:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/ 40 KB
14 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl_page_level_ads.js?cb=31080366

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe7044b5e09f04752eec4d51e3fcd3f0f0cd54a08900b7a3c8571367408ea4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 11:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77303
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13836
x-xss-protection: 0
server: cafe
etag: 5078802807448044418
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 11:36:50 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
272 B 38ms
8ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

1d79041b42c6bade0e75d7433fbf2ad56fce1f5353716dcc1550b5a2528f0621

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
273 B 30ms
7ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

1d79041b42c6bade0e75d7433fbf2ad56fce1f5353716dcc1550b5a2528f0621

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 579.json Show response
id5-sync.com/g/v2/ 251 B
530 B 21ms
7ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

cd9ff2c664249c8210de8bedae0215e664d0a9ac7509c49c85e81c4186044821

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 360 B
638 B 20ms
7ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a26d88d48098618267fa987e2b9845bcf35d463876a73b2a1a692a1bc45499b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://edonmanor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://edonmanor.com
date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET cs
a.usbrowserspeed.com/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 209ms
100ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bb65a55aaf41e58463abf83907b9da83b273bb480b8a7636658a77433608419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12360
x-xss-protection: 0

GET
H/1.1 204
No Content t.dhj Show response
pxdrop.lijit.com/1/d/ 0
199 B 56ms
8ms Script
text/plain 2.20.142.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=append&pubid=techlist&puu=bfd4bb6d-a946-4c76-bd63-ab410f3bcc3e&dmn=edonmanor.com
Requested by: Host: edonmanor.com
URL: https://edonmanor.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.142.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-20-142-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 09:05:14 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 11 Jan 2024 10:05:14 GMT

GET
H2 200 container.html Show response
9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DF8 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:13 GMT
expires: Fri, 10 Jan 2025 09:05:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 236ms
125ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H2 200 container.html Show response
9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FCD 6 KB
3 KB 51ms
51ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401090101/pubads_impl.js?cb=31080366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:13 GMT
expires: Fri, 10 Jan 2025 09:05:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5DF8 4 KB
767 B 63ms
63ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 07:42:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9E58 624 B
826 B 203ms
93ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEKuLn-MCGIuInIMCMAE&v=APEucNUjaCyD7RQjgx0T81tBJ1VgZ2u5rI1lVkq4ztC_9DxbbHdqyQu-kxB8uK8zEBr1s487HZs3aG-bChDjPSHaVECEsTmK2LSgXrIEHN0FvmM5RGgfJnHdzRuqCEhx1dv9y2nTUePeaYQ9__fNk5WdSUr0UiJ02bWrpM5xsna_j0-HIvvdVkwMmyBR6EAhWNt8jXnuWdIEGm9P6TihbhXENp4Nmb1k1g

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:14 GMT
expires: Thu, 11 Jan 2024 09:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1DCE 89 KB
31 KB 228ms
124ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1DCE 3 KB
1 KB 167ms
107ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 08:46:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1DCE 20 KB
9 KB 111ms
51ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DCE 205 KB
65 KB 228ms
118ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCE 42 B
63 B 190ms
86ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5bSMIYZ3W07yZQZwFZi93O-JfS57eAU5_0gYgE7sGAUw3tFF2x5ixqgee5lEv0vcpE5OUypS_rtxusa4xcegfvSqwTbexuQ_-7kZXe_nTIh_kLjk

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 5DF8 22 KB
9 KB 117ms
58ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7EF3 624 B
504 B 171ms
93ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjv8576ATAB&v=APEucNXHVph6fuMkuzcKZ5CePTh1oUpZRAg2S1WKYm8HV7BThKKscNNB21OdB_nh8k2qRcJNJ-9ZzzrEEyKnky80edYuYYXAtvB4vIH-kkX9yU-S1ekcxOS9VDcsi07TxgzyGiBD9g_DK40tDNqUvoTFAPUIjJPyyFBeH2ONpKp8sk3aW_KbwtrX6BH7nsan8IntpgB1H-z_81MjGjjtFXlt-DpO7zSvrw

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:14 GMT
expires: Thu, 11 Jan 2024 09:05:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 4FCD 23 KB
9 KB 118ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:21 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 4FCD 7 KB
3 KB 128ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:20 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4FCD 0
0 166ms
81ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvWE7d12mvszzdnsZOW57gEJ7NJLhACwJg7B5sSPX8Z9ECdnuesi5deD1kqonMPZztKZqLTg5yYB9h8oFlDDNrQCXuUS4cOxGBipu1pnkeQpJKU9950ipR-5WZNOjfZvp_l4cQ7THIxfLVEvv7mSp-unwJg2uNcIsTqSwr3pKbYxYADB6z14W7ddSg7xamtQPiapQbg1CHZ98La--C64deUmUOagh5zXgsu7CqFnJkyJoLf38e5-8tbjk1-_g6bTzKn3EUvzHgVQezFYZaK1jrB7M9smuE7PTvR-XfScx2Cpn5sfEsRWe7mbkfD0GBT2xHg4mORwZqb-ctahoV8LvnMtW3e5qZK6H80kL8TurwMWngPBqDznBdHBDZJymq_nBKu8X0WbPdUJxfyKtaSRRGkDd_5HQc3zcR2HSFLiGpidXVh4UBuPB-GkG6IXUrlvlLDPTTWJpnYUj_TjkUYW7Yi-JY9jik2pEN0TpwQdXvdsRQF-uQOLSxbzEdFGpmJYbR5YOoo0AxaWCYpoZ2wKafy-bzp4TSBM7KlxLKjs2CC4vP_caO6CqOZCR0yOO30Pc5OUYsqrZJuTWHq6dvGInyZXkvLd6WP-XUeiMPM6E06hv67PAEbMcEcbIA1q9Ipeei_CLdh_xmwhKXPpf7n_1rdMMLWBcZcOG4MjtugpC9AJNa0_9QYQYezuc_kgM7JVIo9lNTof3StFV2z_q8liF2x5bNen7vth_qRmtv1fX1Kwlq1Whdru6_KrYAotpp5WJQoXjPN9zNkKRXtADXscW6T6XuZE5zwlohkw7xLVZ2i-zpjqc_5UgLSdZoH4PkamMzjyFsLUXvdYrh0lsROzdrHeGFzWcGmxqtXIKYLcB1sJxfHhXPIzjtVTgB7G30GaVqm2JwcX5uQ_yPtwwYjgljOQln8jCFiiNlSu7Rz_E1hwKb3RUsWQQ-4nc9ucTJbwTPMknhujORhHy5tcqVP2p3fgUp2zHBA8lNHFrKXbzJfhe9wETFFmn1yK39GkMiGzL13zIJ3ZATYzvla8Q2h54wap747qjXlDfF_m1aZ5z5atkVka5VAbuFw87zbC9a6YQZa8w0vsUpUvEcM-aLjMywPkOjiUhCzXqLWG0Owdh9Ur47S4TDkKKU2VtWCzLx3DuaIVjB4-doL-Rs1QvKIDhAzFbBt0c5yFGRXZJ4dX6RFo3TjFpSRkfJVZMZ5I6zK5FOqRnbadOsJS5HwR6sn2ZkEi8vrkaaP2TUDkr9DWeZfBiK2BxLgWiPAdxk2xv2OpoZgQAUqAW1ZDPXwyShSLEkW3j7KyrGqVXMZoCJzyPGvr7CDdqsq-McfrDyyFTcLujcpVCk0Uwmf1H0o&sai=AMfl-YQPfmMLQIBUzp1nGxldhEIIFb_L8O7UvNCUkC3PSfuSTVx_rEkIwHO6OViBwk1kaYNIgBwTTg1KIphAgPOBOAlQs0t__aMTwRYp1beHNxnV_nSBa5AlhH6iIssJCUrqSZhiKXS6nwmn2qa5KTTErKam_1Te05PS7g5P-vXfm4q8y5ULayneMddti-tdtNSW5ooG-zsZedHhx-0GQ6nKOlE9qqh--MR3Ikl7CtlCuDBF3Y5HBHBKpdgJivrHJ8NmLJKArBsAgq7cdnww85cXxI4-3jz-ysOb2xp81HSSGUebhswQTCfQQZfunWCHnyH2dJwei9WiC6UY6IgK1nllsqfqLnH__aFo9pt5sidnLpym57AoahodWzffoO9g-zFm_WvXSTAfiif0uhv_INMidANXnqpYbQYqAAgs3Gl3-QT9DLEe5piqqmgHBanwJWuDwQtWYIdJe-Rki8PhZ-gXIWpIJOHJzuQzGXuxzLnPQyUwZxx2WfbZ6cLJ3y9pyKOEUuOoH64&sig=Cg0ArKJSzItjmwy9R39IEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9kb3VibGVjbGljay5uZXQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.22487&arae=0&ftch=1&adurl=

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4FCD 41 KB
14 KB 130ms
108ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1686316/75378114/ Frame 4FCD 59 KB
14 KB 711ms
182ms Script
application/javascript 54.71.65.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1686316/75378114/skeleton.js
Requested by: Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.65.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-65-132.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e313cfc6f8f7fc8f61311a9a5a373fca0408090d2f9b95543147e786b3b7f9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FCD 42 B
63 B 150ms
85ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CcZG_cIRZ-252VST4cjCVaGskXFNbFNgrQvJ_KG1mKd9V9bGEsfo8cWMhJSz_f_05aP7o0sA8TOQTficBv9qAty0glzuf9RZqfA88m1kPbVp35fcY

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B30605926.377030693;dc_pre=CJqs4sP91IMDFazHuwgdfoAEeg;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/ Frame 4FCD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_pre=CJqs4sP91IMDFazHuwgdfoAEeg;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_r...

42 B
466 B

55ms
55ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_pre=CJqs4sP91IMDFazHuwgdfoAEeg;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N4362.2566103PREXPROGRAMMATICEXC/B30605926.377030693;dc_pre=CJqs4sP91IMDFazHuwgdfoAEeg;dc_trk_aid=568064964;dc_trk_cid=200047240;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame 4FCD
Redirect Chain

https://ad3.adfarm1.adition.com/banner?sid=3622302&gdpr=&gdpr_consent=&kid=6122945&bid=18514759&wpt=C&ts=[timestamp]
https://imagesrv.adition.com/1x1.gif

68 B
178 B

39ms
9ms

Image
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jan 2024 09:05:14 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 10:05:14 +0100
server: ADITIONSERVER v1.0
etag: 7322764251494089945
content-type: text/plain
location: https://imagesrv.adition.com/1x1.gif
access-control-allow-origin: *
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4FCD 3 KB
1 KB 143ms
123ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 08:46:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4FCD 20 KB
8 KB 89ms
68ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FCD 205 KB
65 KB 282ms
211ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 09:05:14 GMT

GET
H2 200 8683344063215135973
s0.2mdn.net/simgad/ Frame 4FCD 60 KB
61 KB 168ms
52ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8683344063215135973

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

506bafc5e19fdba479d912204ef60ce4c94595238b59e7fc89091b94c1acf3c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:03:03 GMT
date: Tue, 09 Jan 2024 09:03:03 GMT
x-content-type-options: nosniff
age: 172931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61557
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 09:24:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 18ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.edonmanor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jan 2024 09:05:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B1CA 14 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=edonmanor.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 828153
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 55ms
27ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jan 2024 09:05:14 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B1CA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=edonmanor.com&sn=ChromeSyncframe&so=3&topUrl=edonmanor.com&bundle=ZUzvTV8xM2lTYVBLNGZQTVhHQmklMkJkWXNPV0RhWEc3QlFhaTAlMkJOQmolMkZIRSUyQldO...
https://mug.criteo.com/sid?cpp=XtDs8XxDZXViNE95M0NqemhieUkvdFFsaUVwZDVETkxiUzUySlNnVjBnZmY1RWlIRjYrMzhnQ3daK2MzVzlQUVN4VGVlbWJqMzVxZlhJN00rMk1Scyt6di8xQzlJTnpNNHZTSTVBL0JHOTlHZHkzMGJJdCtmdlJwSU00a3...

433 B
654 B

17ms
17ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XtDs8XxDZXViNE95M0NqemhieUkvdFFsaUVwZDVETkxiUzUySlNnVjBnZmY1RWlIRjYrMzhnQ3daK2MzVzlQUVN4VGVlbWJqMzVxZlhJN00rMk1Scyt6di8xQzlJTnpNNHZTSTVBL0JHOTlHZHkzMGJJdCtmdlJwSU00a3VRUFRmTXViZlRGOVR1emdHcm1RZU1PSEEzc2FqTkNzblRCWEZVL3VsYjY1ODJqNW0rSmdMYzlBZExZSHlwemYrd1c2dGJoV1JDVWFvYUV2eGhhb3YraUowdE8vV051WUlQZ291MlJvTkNYc0NRYzlxeE4wT1B3ZVJ1OTFBODdjMVM5MFBvQ1lGRytqYUtOMUlwK3lTWlVXVnRoVUNMbWs4U1NqY0haYlBjQTFGT2V4KzVhOD18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

932322769c564ae9269d0b3bdf97e468e162f3dc141ec98bf18f4053cf4ecbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 864853
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XtDs8XxDZXViNE95M0NqemhieUkvdFFsaUVwZDVETkxiUzUySlNnVjBnZmY1RWlIRjYrMzhnQ3daK2MzVzlQUVN4VGVlbWJqMzVxZlhJN00rMk1Scyt6di8xQzlJTnpNNHZTSTVBL0JHOTlHZHkzMGJJdCtmdlJwSU00a3VRUFRmTXViZlRGOVR1emdHcm1RZU1PSEEzc2FqTkNzblRCWEZVL3VsYjY1ODJqNW0rSmdMYzlBZExZSHlwemYrd1c2dGJoV1JDVWFvYUV2eGhhb3YraUowdE8vV051WUlQZ291MlJvTkNYc0NRYzlxeE4wT1B3ZVJ1OTFBODdjMVM5MFBvQ1lGRytqYUtOMUlwK3lTWlVXVnRoVUNMbWs4U1NqY0haYlBjQTFGT2V4KzVhOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 412455
content-length: 0
expires: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 35A9 38 KB
13 KB 53ms
51ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C491 13 KB
5 KB 55ms
55ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 08:36:27 GMT
expires: Fri, 10 Jan 2025 08:36:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B67E 829 B
1 KB 169ms
60ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5307d475d1dcbf815d9d8c3fa96662c224c6a7335f0fb6c12214a312422e4e69

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SOZrGUyAIEXtl-5oIBes7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://edonmanor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SOZrGUyAIEXtl-5oIBes7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:05:14 GMT
expires: Thu, 11 Jan 2024 09:05:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1

43 B
733 B

33ms
33ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEKuLn-MCGIuInIMCMAE&v=APEucNUjaCyD7RQjgx0T81tBJ1VgZ2u5rI1lVkq4ztC_9DxbbHdqyQu-kxB8uK8zEBr1s487HZs3aG-bChDjPSHaVECEsTmK2LSgXrIEHN0FvmM5RGgfJnHdzRuqCEhx1dv9y2nTUePeaYQ9__fNk5WdSUr0UiJ02bWrpM5xsna_j0-HIvvdVkwMmyBR6EAhWNt8jXnuWdIEGm9P6TihbhXENp4Nmb1k1g
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmWv%2FlngwfkLEkcvQ5kOrJ2gIEygiqThNJHLoYfPyrR6d7XSCXe1ULOFQgvtDCWTPADZJ1HWqVqC3MtLAOsaFnQdxiQw5A07Z%2F%2FTtgkdLWRc3YgDSlyXTsTrg2nfvrUc1WaFcovE0ypJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843bff324a5f9948-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9E58
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ.vSoB2fYBjLbu1xktCvwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2

43 B
738 B

31ms
31ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEKuLn-MCGIuInIMCMAE&v=APEucNUjaCyD7RQjgx0T81tBJ1VgZ2u5rI1lVkq4ztC_9DxbbHdqyQu-kxB8uK8zEBr1s487HZs3aG-bChDjPSHaVECEsTmK2LSgXrIEHN0FvmM5RGgfJnHdzRuqCEhx1dv9y2nTUePeaYQ9__fNk5WdSUr0UiJ02bWrpM5xsna_j0-HIvvdVkwMmyBR6EAhWNt8jXnuWdIEGm9P6TihbhXENp4Nmb1k1g
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPyXnSXHmPsmpKlEFfI7nYCOHcp13i0hQ0466GFvkO5FbpSql5foLbrDMBqAUxQ2TkZY042HKyYWAGzN%2F3rzzrCVfqB1IF%2B%2FqiRu%2Bv2Jn34lUDceLhV%2FoMdG4CODQ6ngq5HPqk7NO%2F8QNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843bff321a2c9948-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9E58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

43 B
1010 B

16ms
16ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEKuLn-MCGIuInIMCMAE&v=APEucNUjaCyD7RQjgx0T81tBJ1VgZ2u5rI1lVkq4ztC_9DxbbHdqyQu-kxB8uK8zEBr1s487HZs3aG-bChDjPSHaVECEsTmK2LSgXrIEHN0FvmM5RGgfJnHdzRuqCEhx1dv9y2nTUePeaYQ9__fNk5WdSUr0UiJ02bWrpM5xsna_j0-HIvvdVkwMmyBR6EAhWNt8jXnuWdIEGm9P6TihbhXENp4Nmb1k1g

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
an-x-request-uuid: a8121028-ee75-4003-8900-bffd8259518e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9E58
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

170 B
232 B

116ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
an-x-request-uuid: 85c38cc5-2337-4565-93bc-c0bf6c65414d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7EF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1

43 B
774 B

30ms
30ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjv8576ATAB&v=APEucNXHVph6fuMkuzcKZ5CePTh1oUpZRAg2S1WKYm8HV7BThKKscNNB21OdB_nh8k2qRcJNJ-9ZzzrEEyKnky80edYuYYXAtvB4vIH-kkX9yU-S1ekcxOS9VDcsi07TxgzyGiBD9g_DK40tDNqUvoTFAPUIjJPyyFBeH2ONpKp8sk3aW_KbwtrX6BH7nsan8IntpgB1H-z_81MjGjjtFXlt-DpO7zSvrw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyhV%2BO%2B6zzXpSNbk4Kx%2Bulrq2URoDKMsWlDAdGWuyqQCREaN%2F5NDMCZ8mq5pTx4RfmuIK3w8%2Bt83UAIVhTPZc5XQNJKb9ts0fm%2BvH9Risjisx64OVfcsqXuj5sz5zFKjnXq5Bh7YIpCTIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843bff321a259948-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoKd9NiWGXjdRCILmuTVCQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7EF3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ.vSoB2fYBjLbu1xktCvwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2

43 B
739 B

36ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjv8576ATAB&v=APEucNXHVph6fuMkuzcKZ5CePTh1oUpZRAg2S1WKYm8HV7BThKKscNNB21OdB_nh8k2qRcJNJ-9ZzzrEEyKnky80edYuYYXAtvB4vIH-kkX9yU-S1ekcxOS9VDcsi07TxgzyGiBD9g_DK40tDNqUvoTFAPUIjJPyyFBeH2ONpKp8sk3aW_KbwtrX6BH7nsan8IntpgB1H-z_81MjGjjtFXlt-DpO7zSvrw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATlLs6BJeEmbdkbxMrR%2BN2BeTB7GslrDdpIiObX79HLF5%2BdwQpHQ00mAArcffQfpb7gGON6EHYlNOr%2Fmpijk%2Bwqp5SUDiyMGyBvtgrWtI%2FVPG0wuQg2HVAp5BlcdoU09%2BganY90%2B%2BqE4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843bff324a5b9948-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIwXJjTHhk6H5U9hMLygI0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7EF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

43 B
1005 B

18ms
17ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhClv9XzARjv8576ATAB&v=APEucNXHVph6fuMkuzcKZ5CePTh1oUpZRAg2S1WKYm8HV7BThKKscNNB21OdB_nh8k2qRcJNJ-9ZzzrEEyKnky80edYuYYXAtvB4vIH-kkX9yU-S1ekcxOS9VDcsi07TxgzyGiBD9g_DK40tDNqUvoTFAPUIjJPyyFBeH2ONpKp8sk3aW_KbwtrX6BH7nsan8IntpgB1H-z_81MjGjjtFXlt-DpO7zSvrw

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
an-x-request-uuid: bbd6b474-b320-414c-bf70-1e77ed90ffb7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJe6kM6st4RN0MAJ8jhYE1M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7EF3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

170 B
243 B

103ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
an-x-request-uuid: 8346240c-f3e3-4157-8963-e3f843f8390f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzY4MDIxMDMxODMxOTU4ODI5Mg%3D%3D
x-proxy-origin: 185.213.155.171; 185.213.155.171; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCE 0
20 B 87ms
87ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9235712416186&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCE 0
20 B 85ms
85ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9235712416186&version=m202309260101&ct=119&x=1&cor=9587174079708744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1DCE 96 KB
40 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dj-2R1Al-vi-5uokVWI_2kne2-loHwwObjuUCCJhHP5YzFeXX2YOF4nBTMBC1JSkheaxoXpzCadO7dHJvaW8dgJAF4WLvORdeSPKWTIFctZAFoThNke1oX2xvMgge1d54gsozX4j8kWYQE8yYVxeN5T5sa31g33fSy37vwXqDdQM11yUjKkI6p72XEaDhHtKvfwSsh&cry=1&dbm_d=AKAmf-AWrnj6CYaaYCG3Po1HSVY1RvAcETc8WHHxg05wbeye0OhljaGldFNrkL_KXpSOv1VwJFDS4kVIor_tFACmRlJryWHBpQX2_IRYBFbERAxhlvWD2XhJ1Tm9pNR7FGukmvaVlxS9ALlZ9jq_pxP6KLyO06tneQuEs0hGyPEp91HnFjery7-e3D-Su8XZrApQW75m7LjuFxeRHlnyKwMPwJ4ZFLXUuG8HOKyKNbVj3g-Bfe72aYgdloCp2AkluqvVX_mQYDMK_r_x0lXVQtMCVxz6I9jBuayQ-gKGvq9mudzvsUsQiQB3BWnEqkg3NwKR61iRw9SZdXxMnzmO6qpAf-htBarqzzlHgBrKhT1Qb6wI9LkshqWSUQYp3t-_pjR4eCQU5Ts7wMDbJj3f3Mk9extu56-hbuqQT12byRU9PlgM6MfuB2udbNQR72zjNIxybOGoJXk45EpIHhW7TVfrkAMbbyildFg-3WMwuK6bRVLNxQxdPpF0llXdj9X1crcWIg8j-9h5h0lSWrgOUOcSPzd_lckAoX1xVevAyEuVeasUf_Lp9s3metRW0aeVTUvrTZoMuAt3u922KFAo-Ku-MEmdXiuxXzGsBdq8borNz7EHH7YPn-rMcN-D_c9SwwcP1eAeXmzyVdqz64Xl4C1kZconoDTfYbyhLpwuReSU31qJuKfcSsssb87oYD44F0RdoWnZ_yMHNyKVK1f_NRxKbVRnF5T76OTJoYTdwWFC3lb1AmastQwVDoLMbQyO1MTt2nyGaiWm9BJerTi7FDQwbGZVridgy3xxnadTHrAljykJaqtTgI1rSN831Unvbmp0IBZPHY0jcOeMYM3iMy5pBKwO2LCXpI-qX95UZWl3VtmYRSz2hCGN6crr3-sv5qdo6n-bi1GEwuf05dSsPkLCSnQHIYZGdzsanydPoDBLhTDhLgQ2mS1__hhQH0alI4xIqzSc_mGrdP1oseE19_aeJYWBlxRFzHeFHH1wLKHwP4RbJCHS5V5Jc51DUPXIsfhinkiDf1J4ZsSqV52GE_NC9cMUTDAQRHp8Pf_EGuOYHNpIQM72_wmsAj4MSBBbN-SPluqVIBGIM6sD9-fgHypOnXPlCIAyq6oIlPYIot_a7w6TpO_-jSqJVBlJe3C5ff-7Rae8iKUNo_-hheh_B-bNTzuH-tKhmYcG0MLqN3s3vVwE0KobssMYf4Fi4VK-5AX20JW3Vlm4ko4isFtNdO3h1NebYgN3yM4whdbOyfzhzqbOR9NpMsAUOe6V_ayprpmTOzRnBLvX7takd2n2onqd1QHs8OXO0vOYko9aPPAAK5j42to_vFOKtDb0Rjlaz8PPg5hI_z2gBDTkSXxVFccEjE4cYZ8A6jWCnu64oPrcWQXM5Jk2xVy0IzR8UYMAEF2wTD5lRNT6Crfp2Hbryi7lk4X6nA9MN_G2IGZCXymva79CA4edQ1un1UX-NKEGGxNMzViLKKZWW2zni3eD3yNeSkmez9xIKcYXKRrr4bwsxKXgXcZo6fW3ReVmykw_QvnC2pnHQuw8a2oL_W7fFTnxBA40MPtyzsEJtZCbv5jPCNzxC1tL2ePOG0p_jZj4FI0YKkesC1brgJhRtP4IcXcdmXPASNo9JJHNo3e4LksBo_eW_kv9tcAqbi5OS2-ejgcKOf85H1gSCQFkLx15a-Y2hM7HCxGWm4Lny85YOKEtIUEfiQjp5qFSlCVY9l2rPdyGzjM4yS2vZ4_572FPCb9-JC5WIdEhdWfq7NkPfHHuXWbFSW56Ce58D7DbW8D-lZqyk8z0ecvV-IErq2fUkRtiIh4rZTmixad_uE-TBmAvFLgEdYmiin4gbEXWw_QE3xJBP5BKyZxKtwin10ppvajuhUAIRCKkcFiLdwJUQQ57MrEWS7PKLKg0POhhqFxrvYZYf7BZmFMxcwjEfi1l2H6fSl_DjEXz9EE-oQgfI-gjhFsNTJ9pmERMmo04DoaOT6bK01OGIanv3ye-qtoTyyliycQUX26LhtLtZwj5DohWenauBZNmviHSRFZ_wIeOrFYVIuGiMDT4VAlaRBPh0T6AyXFwVt_gZxez34iQgXTHXFgak5spgtstBlILd5RNqCqHmKiiuLuHFiOv4z7MMsXPrkPA3XUU32qGHK7QibeMCtM8AkdHZzgMeyKKYsYK4rDuQOZJ8oLdN0b0aXm2rugl_h1s6a6vx2l90v4_IQECAKMhvIWBGfRmTaTepAtFGZeu-9bmgOO4TyYjxBgTIvU0l0YbRiTVz_KtOs_CvsCXglGE1oKHfFIUpO-VfozjdLRrWqmhbmrViNZXAR5-wl8c8hwBstroHAmsVqpcmQb0Zo670H05JqhcaI-8tpvJzZ-C62p047cppXezQ7fgfv-fBH5mGE-MaOhLlxyd5huMLUtplTDUbv4SQVabMBcr_0S8IEyCvTltQYBmv3GC2e2RJpxQmWI-zli1EIoVz0A_q-Ql-JXCd2InA0FyUQ1Qn8ctlViUYFdW8d43_YA2gO59Es2zu5WFbkXroUq6fcfZXb5e-05YS3XS_ueOXWDbEwXviuRWeeLetBj4jKqAc_c7Gc70c5e1Rhnnal-Z4eP3288mw6oC7xFJ06gw87FlTCT21ZINCP4SIzys2GYHFUIQOBxPborpOjpxq6hKcPlpfhbuOAqYGEWpzEPSOgMI7ytD7DtXVRkqx6fCtX74rYlIfPzhfVjMbBuj8ATm7l-6Nu26nXe12R8ikh-PHa8RgCn2iDBScvgYe1hk6hpD5Yo8s3qweEO6EChk_0dmRLxcalQ-PMYbkJ-CLo9alxcediOnRubHMhqwVI5XX7nNOhdRv2matUE2f7VVlv_35i37qPkZ6dQ23X4JMcmTF-t8fn7CuFcQUPo2arf3awjgGmJmlPz3D4r7qF_9PqIfWObazGuTfmpw0IilvyKNV3OC1gee-6VDmWVvbRj9dgCczWhMeUUycq0GN_YCoJ3mdyXl1T7NVzdG5_YzHjSENm1l2X1YthsYQ0PTU09I1rfTCHBgYjnLlSZqG7I7J9_BdaHCIamWO14Ac0YW-XkL1iyZChb8v2Q3VJ9V6yLTmXSklj-JUFkPb7fOdDPLQaa6n_2VQuX9VHp9RxomPkNNLjlxqt7ZVFTfrXjw7TOwMvWfv7OB8brgkatX5OJAdala1MQJUJGoG-zoRvkotoAb-qYlINtyYZefsBtmcoGdrXIVdTAgKRniQFZkSZ-LcdvxT4_kzL83koK7sYcBTB11vv8YeBgzUhyWzXr0rhPDig6tvClMKoV7c7KxXb01O5fqoDgATUZM-9J-taqWKm24lDVUI6v7Ufz4euAh9JlqQdaeV20_W-4DylTDvmgMno73W5_AqDvzNbX6Fl5HfywaahMCJ_-B76xQ0CkRcz9y3M2ps09VZzZmODoXrwt_I89-QpEuLK9ThIIoy_j196dhdfpXF_eybhi6UPgHGiWH_RhOFl1klUwsMakk4A2HV6Nm5GboV3OPhDCbuvh9SgTEPRQA8m51i_nkAEd1Zc82OEr57owK_1RePQKXyFnSiNvkvcHuwB8nfnR-qH-ipsFXRzQPameSF2OMgME-OVuMGMOcb0sKiuq_0Ekx9nTledyJNqORqo5-G531V_zV6iuKTP5F5h4L_7xrmysniZTuCp7C_FhbLSClbX7F-43OjoBJzJH5s9qlJKPNQgdIZrRtBIxo9S9qBjyesNW_LAvRL9LUbdCKb9DJ9_EkQoxJYpz0mlLx2Mc3LHXFplYhtDm3PwXBQv2CK0ArbjTXBVn5JmlQvFNs9QhSHDMnj3EESlXla-XHiwwBIxMd3EjVxTVtSs94D0GrLQ_KSjIEJl03I_mze2Ht_aMSYiM8Lg&cid=CAQSTgAvHhf_Xe6k4pwDuYx4M07Ldoqlqh9_JHhXOZPemEH07guqdCfz5crrI34_DCDeksgvFWIxQhQKnfWYFol4YcJozL8XVShBAjj--SL10xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fedonmanor.com%2F&ds=l&xdt=1&iif=1&cor=9587174079708744000&adk=1761367584&idt=264&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5941da772e00613d1353f664dd7a55153703c598daa44312a6510b1928cca8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 35A9 39 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame C491 39 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4FCD 0
0 74ms
74ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvWE7d12mvszzdnsZOW57gEJ7NJLhACwJg7B5sSPX8Z9ECdnuesi5deD1kqonMPZztKZqLTg5yYB9h8oFlDDNrQCXuUS4cOxGBipu1pnkeQpJKU9950ipR-5WZNOjfZvp_l4cQ7THIxfLVEvv7mSp-unwJg2uNcIsTqSwr3pKbYxYADB6z14W7ddSg7xamtQPiapQbg1CHZ98La--C64deUmUOagh5zXgsu7CqFnJkyJoLf38e5-8tbjk1-_g6bTzKn3EUvzHgVQezFYZaK1jrB7M9smuE7PTvR-XfScx2Cpn5sfEsRWe7mbkfD0GBT2xHg4mORwZqb-ctahoV8LvnMtW3e5qZK6H80kL8TurwMWngPBqDznBdHBDZJymq_nBKu8X0WbPdUJxfyKtaSRRGkDd_5HQc3zcR2HSFLiGpidXVh4UBuPB-GkG6IXUrlvlLDPTTWJpnYUj_TjkUYW7Yi-JY9jik2pEN0TpwQdXvdsRQF-uQOLSxbzEdFGpmJYbR5YOoo0AxaWCYpoZ2wKafy-bzp4TSBM7KlxLKjs2CC4vP_caO6CqOZCR0yOO30Pc5OUYsqrZJuTWHq6dvGInyZXkvLd6WP-XUeiMPM6E06hv67PAEbMcEcbIA1q9Ipeei_CLdh_xmwhKXPpf7n_1rdMMLWBcZcOG4MjtugpC9AJNa0_9QYQYezuc_kgM7JVIo9lNTof3StFV2z_q8liF2x5bNen7vth_qRmtv1fX1Kwlq1Whdru6_KrYAotpp5WJQoXjPN9zNkKRXtADXscW6T6XuZE5zwlohkw7xLVZ2i-zpjqc_5UgLSdZoH4PkamMzjyFsLUXvdYrh0lsROzdrHeGFzWcGmxqtXIKYLcB1sJxfHhXPIzjtVTgB7G30GaVqm2JwcX5uQ_yPtwwYjgljOQln8jCFiiNlSu7Rz_E1hwKb3RUsWQQ-4nc9ucTJbwTPMknhujORhHy5tcqVP2p3fgUp2zHBA8lNHFrKXbzJfhe9wETFFmn1yK39GkMiGzL13zIJ3ZATYzvla8Q2h54wap747qjXlDfF_m1aZ5z5atkVka5VAbuFw87zbC9a6YQZa8w0vsUpUvEcM-aLjMywPkOjiUhCzXqLWG0Owdh9Ur47S4TDkKKU2VtWCzLx3DuaIVjB4-doL-Rs1QvKIDhAzFbBt0c5yFGRXZJ4dX6RFo3TjFpSRkfJVZMZ5I6zK5FOqRnbadOsJS5HwR6sn2ZkEi8vrkaaP2TUDkr9DWeZfBiK2BxLgWiPAdxk2xv2OpoZgQAUqAW1ZDPXwyShSLEkW3j7KyrGqVXMZoCJzyPGvr7CDdqsq-McfrDyyFTcLujcpVCk0Uwmf1H0o&sai=AMfl-YQPfmMLQIBUzp1nGxldhEIIFb_L8O7UvNCUkC3PSfuSTVx_rEkIwHO6OViBwk1kaYNIgBwTTg1KIphAgPOBOAlQs0t__aMTwRYp1beHNxnV_nSBa5AlhH6iIssJCUrqSZhiKXS6nwmn2qa5KTTErKam_1Te05PS7g5P-vXfm4q8y5ULayneMddti-tdtNSW5ooG-zsZedHhx-0GQ6nKOlE9qqh--MR3Ikl7CtlCuDBF3Y5HBHBKpdgJivrHJ8NmLJKArBsAgq7cdnww85cXxI4-3jz-ysOb2xp81HSSGUebhswQTCfQQZfunWCHnyH2dJwei9WiC6UY6IgK1nllsqfqLnH__aFo9pt5sidnLpym57AoahodWzffoO9g-zFm_WvXSTAfiif0uhv_INMidANXnqpYbQYqAAgs3Gl3-QT9DLEe5piqqmgHBanwJWuDwQtWYIdJe-Rki8PhZ-gXIWpIJOHJzuQzGXuxzLnPQyUwZxx2WfbZ6cLJ3y9pyKOEUuOoH64&sig=Cg0ArKJSzItjmwy9R39IEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9kb3VibGVjbGljay5uZXQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=262&vt=11&dtpt=261&dett=2&cstd=0&cisv=r20240109.22487&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B67E 0
0 85ms
84ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401090101&jk=3691184608092061&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C491 0
10 B 51ms
51ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yqC_Cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:05:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A9 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BKY-nSa-fZY6XF9-X1PIPvfuvuAgAAAAAOAHgBAI&bg=!jY6ljsHNAAaumcC-jpk7ADQBe5WfOEFny2YQArS6DWBTX5gorG8meQ3rQq5EXe3lz79LDUTeq6k9oZP8aIixfzm8UmFbAgAAAEdSAAAAAWgBB5kDCiR9h3y70TJKJQfIHXExhhgs52CDk-ChYdnuSr7EdxI3btLvJ9febVL_uUHPgDSyeqQYFX_OdchDMd1xJb54uxCWMPhsPsV1El3R1xKuzbq7clN1VDx8vFy2xrPdZ98xNRz4fuSIf0HzzPcMu7b6kMSvOa8mzb5gJcoajrasTVofAV04Uu8qZWXpBQ8x1lrCCg5jwqU_MxB21MyA3lJHAcRnRivr6DwUOSQCy8n4Xl1gvisISdo8jcH15fzIy71J7AU-Ak77Nq5S1jQtIgJquelEXYNojRY2oIzTkmLnMrIAYaKXo4Jq1VLGuUsvlQcjrvLMZkGHtHKumN6eH2K5wKgTbUIcGVZTYPqBtuw7cFEOIZAn82Wtx9wtsptpoN3axYSGh8HscGDUzeEs2CUe4Vu3LN0oC98EbHT63e4F4mNu6Bi2dEUkiti2ZwEiA-Sq89Nty3d7_Qy2u0Iy5unnDO5hcA5d21Mv_JIKXzIZFVgkzo1jBT9y51qkCJRVN1oOEO21sGMeEsJLr4Gjpn8iM42ZGx_QYU-L0ykfaTs9RnOb_fdizm-FGfuOUkYPNpCx9gAdVSI5eYUNpqjLPepJolDui7--kEi2alH0Lhwrq73aHNeqJkInW_SkS_nHDu37nHOWG6Qj60eoEcAot7QQs6juP8-FL3TiDdCq_0LRHXfvkozJYBVPMRUWm7BbQ75JS4MSbdDxCJCycEh38OhagW14s_uM4P4Vc50ca5qzO0bXLKjyiF-uazkZCaSFz6Jd_ubw5iFIsW7DCDkfF4yNW-FPtcAd-0--QsE0WqR0jCCM2R4OjgIP3zMwGa2HtmX4wJ-ErYkJqTptFtA3Ptl6J_QGpVfMp-ybLUhVRtYdosq2HnjntGi8HDgWvxuX31vrWOKmV4TQU4oUT1KBEgxwgh_hzbn9ZLcv0sM7lUHszrAAjdjGS5iE_IcyTKF0Bk4_hdlNDWTzKT2B3rrxm8beGy1GcmAI2iftpamXzscS3DEBf0K_uG8LnHziFKKTtmmWDhdp2rZOs_Zm0Bg

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1DCE 111 KB
39 KB 156ms
53ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Origin: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 21:44:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 1DCE 11 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dj-2R1Al-vi-5uokVWI_2kne2-loHwwObjuUCCJhHP5YzFeXX2YOF4nBTMBC1JSkheaxoXpzCadO7dHJvaW8dgJAF4WLvORdeSPKWTIFctZAFoThNke1oX2xvMgge1d54gsozX4j8kWYQE8yYVxeN5T5sa31g33fSy37vwXqDdQM11yUjKkI6p72XEaDhHtKvfwSsh&cry=1&dbm_d=AKAmf-AWrnj6CYaaYCG3Po1HSVY1RvAcETc8WHHxg05wbeye0OhljaGldFNrkL_KXpSOv1VwJFDS4kVIor_tFACmRlJryWHBpQX2_IRYBFbERAxhlvWD2XhJ1Tm9pNR7FGukmvaVlxS9ALlZ9jq_pxP6KLyO06tneQuEs0hGyPEp91HnFjery7-e3D-Su8XZrApQW75m7LjuFxeRHlnyKwMPwJ4ZFLXUuG8HOKyKNbVj3g-Bfe72aYgdloCp2AkluqvVX_mQYDMK_r_x0lXVQtMCVxz6I9jBuayQ-gKGvq9mudzvsUsQiQB3BWnEqkg3NwKR61iRw9SZdXxMnzmO6qpAf-htBarqzzlHgBrKhT1Qb6wI9LkshqWSUQYp3t-_pjR4eCQU5Ts7wMDbJj3f3Mk9extu56-hbuqQT12byRU9PlgM6MfuB2udbNQR72zjNIxybOGoJXk45EpIHhW7TVfrkAMbbyildFg-3WMwuK6bRVLNxQxdPpF0llXdj9X1crcWIg8j-9h5h0lSWrgOUOcSPzd_lckAoX1xVevAyEuVeasUf_Lp9s3metRW0aeVTUvrTZoMuAt3u922KFAo-Ku-MEmdXiuxXzGsBdq8borNz7EHH7YPn-rMcN-D_c9SwwcP1eAeXmzyVdqz64Xl4C1kZconoDTfYbyhLpwuReSU31qJuKfcSsssb87oYD44F0RdoWnZ_yMHNyKVK1f_NRxKbVRnF5T76OTJoYTdwWFC3lb1AmastQwVDoLMbQyO1MTt2nyGaiWm9BJerTi7FDQwbGZVridgy3xxnadTHrAljykJaqtTgI1rSN831Unvbmp0IBZPHY0jcOeMYM3iMy5pBKwO2LCXpI-qX95UZWl3VtmYRSz2hCGN6crr3-sv5qdo6n-bi1GEwuf05dSsPkLCSnQHIYZGdzsanydPoDBLhTDhLgQ2mS1__hhQH0alI4xIqzSc_mGrdP1oseE19_aeJYWBlxRFzHeFHH1wLKHwP4RbJCHS5V5Jc51DUPXIsfhinkiDf1J4ZsSqV52GE_NC9cMUTDAQRHp8Pf_EGuOYHNpIQM72_wmsAj4MSBBbN-SPluqVIBGIM6sD9-fgHypOnXPlCIAyq6oIlPYIot_a7w6TpO_-jSqJVBlJe3C5ff-7Rae8iKUNo_-hheh_B-bNTzuH-tKhmYcG0MLqN3s3vVwE0KobssMYf4Fi4VK-5AX20JW3Vlm4ko4isFtNdO3h1NebYgN3yM4whdbOyfzhzqbOR9NpMsAUOe6V_ayprpmTOzRnBLvX7takd2n2onqd1QHs8OXO0vOYko9aPPAAK5j42to_vFOKtDb0Rjlaz8PPg5hI_z2gBDTkSXxVFccEjE4cYZ8A6jWCnu64oPrcWQXM5Jk2xVy0IzR8UYMAEF2wTD5lRNT6Crfp2Hbryi7lk4X6nA9MN_G2IGZCXymva79CA4edQ1un1UX-NKEGGxNMzViLKKZWW2zni3eD3yNeSkmez9xIKcYXKRrr4bwsxKXgXcZo6fW3ReVmykw_QvnC2pnHQuw8a2oL_W7fFTnxBA40MPtyzsEJtZCbv5jPCNzxC1tL2ePOG0p_jZj4FI0YKkesC1brgJhRtP4IcXcdmXPASNo9JJHNo3e4LksBo_eW_kv9tcAqbi5OS2-ejgcKOf85H1gSCQFkLx15a-Y2hM7HCxGWm4Lny85YOKEtIUEfiQjp5qFSlCVY9l2rPdyGzjM4yS2vZ4_572FPCb9-JC5WIdEhdWfq7NkPfHHuXWbFSW56Ce58D7DbW8D-lZqyk8z0ecvV-IErq2fUkRtiIh4rZTmixad_uE-TBmAvFLgEdYmiin4gbEXWw_QE3xJBP5BKyZxKtwin10ppvajuhUAIRCKkcFiLdwJUQQ57MrEWS7PKLKg0POhhqFxrvYZYf7BZmFMxcwjEfi1l2H6fSl_DjEXz9EE-oQgfI-gjhFsNTJ9pmERMmo04DoaOT6bK01OGIanv3ye-qtoTyyliycQUX26LhtLtZwj5DohWenauBZNmviHSRFZ_wIeOrFYVIuGiMDT4VAlaRBPh0T6AyXFwVt_gZxez34iQgXTHXFgak5spgtstBlILd5RNqCqHmKiiuLuHFiOv4z7MMsXPrkPA3XUU32qGHK7QibeMCtM8AkdHZzgMeyKKYsYK4rDuQOZJ8oLdN0b0aXm2rugl_h1s6a6vx2l90v4_IQECAKMhvIWBGfRmTaTepAtFGZeu-9bmgOO4TyYjxBgTIvU0l0YbRiTVz_KtOs_CvsCXglGE1oKHfFIUpO-VfozjdLRrWqmhbmrViNZXAR5-wl8c8hwBstroHAmsVqpcmQb0Zo670H05JqhcaI-8tpvJzZ-C62p047cppXezQ7fgfv-fBH5mGE-MaOhLlxyd5huMLUtplTDUbv4SQVabMBcr_0S8IEyCvTltQYBmv3GC2e2RJpxQmWI-zli1EIoVz0A_q-Ql-JXCd2InA0FyUQ1Qn8ctlViUYFdW8d43_YA2gO59Es2zu5WFbkXroUq6fcfZXb5e-05YS3XS_ueOXWDbEwXviuRWeeLetBj4jKqAc_c7Gc70c5e1Rhnnal-Z4eP3288mw6oC7xFJ06gw87FlTCT21ZINCP4SIzys2GYHFUIQOBxPborpOjpxq6hKcPlpfhbuOAqYGEWpzEPSOgMI7ytD7DtXVRkqx6fCtX74rYlIfPzhfVjMbBuj8ATm7l-6Nu26nXe12R8ikh-PHa8RgCn2iDBScvgYe1hk6hpD5Yo8s3qweEO6EChk_0dmRLxcalQ-PMYbkJ-CLo9alxcediOnRubHMhqwVI5XX7nNOhdRv2matUE2f7VVlv_35i37qPkZ6dQ23X4JMcmTF-t8fn7CuFcQUPo2arf3awjgGmJmlPz3D4r7qF_9PqIfWObazGuTfmpw0IilvyKNV3OC1gee-6VDmWVvbRj9dgCczWhMeUUycq0GN_YCoJ3mdyXl1T7NVzdG5_YzHjSENm1l2X1YthsYQ0PTU09I1rfTCHBgYjnLlSZqG7I7J9_BdaHCIamWO14Ac0YW-XkL1iyZChb8v2Q3VJ9V6yLTmXSklj-JUFkPb7fOdDPLQaa6n_2VQuX9VHp9RxomPkNNLjlxqt7ZVFTfrXjw7TOwMvWfv7OB8brgkatX5OJAdala1MQJUJGoG-zoRvkotoAb-qYlINtyYZefsBtmcoGdrXIVdTAgKRniQFZkSZ-LcdvxT4_kzL83koK7sYcBTB11vv8YeBgzUhyWzXr0rhPDig6tvClMKoV7c7KxXb01O5fqoDgATUZM-9J-taqWKm24lDVUI6v7Ufz4euAh9JlqQdaeV20_W-4DylTDvmgMno73W5_AqDvzNbX6Fl5HfywaahMCJ_-B76xQ0CkRcz9y3M2ps09VZzZmODoXrwt_I89-QpEuLK9ThIIoy_j196dhdfpXF_eybhi6UPgHGiWH_RhOFl1klUwsMakk4A2HV6Nm5GboV3OPhDCbuvh9SgTEPRQA8m51i_nkAEd1Zc82OEr57owK_1RePQKXyFnSiNvkvcHuwB8nfnR-qH-ipsFXRzQPameSF2OMgME-OVuMGMOcb0sKiuq_0Ekx9nTledyJNqORqo5-G531V_zV6iuKTP5F5h4L_7xrmysniZTuCp7C_FhbLSClbX7F-43OjoBJzJH5s9qlJKPNQgdIZrRtBIxo9S9qBjyesNW_LAvRL9LUbdCKb9DJ9_EkQoxJYpz0mlLx2Mc3LHXFplYhtDm3PwXBQv2CK0ArbjTXBVn5JmlQvFNs9QhSHDMnj3EESlXla-XHiwwBIxMd3EjVxTVtSs94D0GrLQ_KSjIEJl03I_mze2Ht_aMSYiM8Lg&cid=CAQSTgAvHhf_Xe6k4pwDuYx4M07Ldoqlqh9_JHhXOZPemEH07guqdCfz5crrI34_DCDeksgvFWIxQhQKnfWYFol4YcJozL8XVShBAjj--SL10xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fedonmanor.com%2F&ds=l&xdt=1&iif=1&cor=9587174079708744000&adk=1761367584&idt=264&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:52:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 1DCE 31 KB
12 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:52:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DCE 41 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: edonmanor.com
URL: https://edonmanor.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 212378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9C87 38 KB
13 KB 51ms
51ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C87 39 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/6108150429934123112/ Frame 9262 23 KB
5 KB 52ms
51ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e2e0232cf500d5f0723e8b6aa8644f320ea85cab361b6f9f6762df57175908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 172920
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5304
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 09:03:14 GMT
expires: Wed, 08 Jan 2025 09:03:14 GMT
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 9675697b4c528b3e0f3e982c8751b9eb.js Show response
s0.2mdn.net/sadbundle/6108150429934123112/ Frame 9262 66 KB
19 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/9675697b4c528b3e0f3e982c8751b9eb.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a55507d56bf03708aa74289cf3d7cb472e2d26153b7f526ecd3667e7b3193b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:13:28 GMT
date: Tue, 09 Jan 2024 09:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19349
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C87 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BozOKSq-fZaTTIsLJjuwP3o2RMAAAAAA4AeAEAg&bg=!nZ6lntHNAAaumcC-jpk7ADQBe5WfOH_zYW553iEr04S39AvqC0Mebe_DKjJsqhSuh6yamfjQAFB0Yyx4Q99nIyyxForXAgAAAE9SAAAAAWgBB5kDYWFWw9g7ukdUdkXUDZN9mW67a4zmCknUALur8Vh1pHnSeA6rUt-YjVS5jaoZga4ufy7FAiG_oOmUwiS9FjdirANmCKzts7K42u0o0ub7gepqBC4RSZnlW-6D_3ZWL2AQIcovSOpPdPm_3n28lZsgHzTBsweO86VSoloCCdx5Fv4i71ik5yjvrt6lF7wUK_YvUu1OrgwtdikfnkQNAoY-zoO9DqHVRjxBI1-KPUHp9AjXuJAnAGGgq-RqYJqUbligIcyXP-8h6ptbma1PMwPOg2na1iT1I9waCZbh13LJcM47D8_1D2N9t0exijV3KH3eyl2hwa-r7sagG94oMeoztnW_-WqLSny_7DbohsqUlc9s1fqybw89ZF9GdG-A_AiaGDyeF0-5yyAf_rEPDy36pchDfmiPbb-b_ZkfvR2RXOzFJ9g0AoWB1J9N6MpDaroONqpnnWMslA1ZzIH9bU9dsngfnc5qt5ZseZ8kda7fT-RwuRfjHKLCsQFiKpV1cAIgzaWA_YMODIm9DBnT1BSv3O4eoaAU1Q9tzsskCmFGqLUGGxwUBMczXiLibuSi7A0SIs38QxFXjOhXJIvR5U26u-XCA7Fy9T1vDX_N5kZ6i2aNfaznQvgUykd5AX89RpqzDBXemeaYitcINUl_iUYeIwp125VuY82pLzdjO7tSj6LijGIc6vOvUkgt8BfXXfSOmmBa7-iYsSMMClO__oxq-d1jHPK1jvYBrJGai1AxYE0Rx4XmoZMo5Tc8oH-UHpwSqYiJ3LJQ0k8_QuVGkAcheRaCgBOpRvpWcz6Ug2itwExKw7bP3XLwtaVsonSbeiaZlXLPKYtnRZ_PKeet4m4JZH_MbgUZ4PpIbXltDfc_cWcY9eY1sA0RD8VcgQqlqrLS74Ps7wOn_WU4r-QptEn1UCZAddYEPxaVKF4zqIjFcFytZox4_A9GcTHiWb5LIE9tQRHx1UFvndwjldZ_wzC_SVaSOKeLPa_5q3KNMCesZya6aluk_7kpG3_O3PkS3WBAxgXLe2RmAM91j1mxVgpZOW8K0o9MZN6SXqMOwr28lTQ53p7AHI-3f6qnu_iZTooN7-8UDDAjuiBBrrCwIYek-rY_PjRRiO2NSo3gvxB5DoDD-2jCA4VYOOuk3TQ67OE84i4

Requested by

Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 19c65c001f0df354a1f97fe516d7522d.jpg
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 27 KB
27 KB 54ms
53ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/19c65c001f0df354a1f97fe516d7522d.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32e80ab93b34d4b6ce2db54bab34c5e4b8f3b5338e4c70a8af6905fe1437816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:03:14 GMT
date: Tue, 09 Jan 2024 09:03:14 GMT
x-content-type-options: nosniff
age: 172921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27156
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 aec96116545bb8cabf457132de470590.svg
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 8 KB
2 KB 71ms
70ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/aec96116545bb8cabf457132de470590.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b4e7658e90e7afca0c35c16822dc51d89f435c684fb54b4fae80b8caf7e98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:03:14 GMT
date: Tue, 09 Jan 2024 09:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2021
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a6bbc0bf7adcea5559699818d25507fb.svg
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 2 KB
1 KB 74ms
73ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/a6bbc0bf7adcea5559699818d25507fb.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:03:14 GMT
date: Tue, 09 Jan 2024 09:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1059
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 a29c7e0c30ad1f37fc4f2a348dbb162a.png
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 7 KB
7 KB 62ms
62ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/a29c7e0c30ad1f37fc4f2a348dbb162a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef21ee3880c770c553ec2e025c2fa49ab79ac51934fa041f08fedf9790c2c0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:04:15 GMT
date: Tue, 09 Jan 2024 09:04:15 GMT
x-content-type-options: nosniff
age: 172860
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7212
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c6654e5faf6da9b6ed3d6e0e0d7d4335.svg
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 9 KB
2 KB 61ms
61ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/c6654e5faf6da9b6ed3d6e0e0d7d4335.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e8b543d54ae0af6da7ecaf0991445b6eeb759ee37f9d91420fe205df2c2611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:05:20 GMT
date: Tue, 09 Jan 2024 09:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1902
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 f8995327ffda5d6a8f4b3f0ed4280897.svg
s0.2mdn.net/sadbundle/6108150429934123112/media/ Frame 9262 9 KB
2 KB 58ms
58ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6108150429934123112/media/f8995327ffda5d6a8f4b3f0ed4280897.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e140ecc3c649a4f5f48a586077dad2f1f3e0b3f17c78386b3d639222c16a495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6108150429934123112/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:03:14 GMT
date: Tue, 09 Jan 2024 09:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 16:32:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 main.19.8.471.js Show response
static.adsafeprotected.com/ Frame 4FCD 213 KB
66 KB 30ms
8ms Script
application/javascript 2600:9000:223f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.471.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1686316/75378114/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:00:17 GMT
x-amz-version-id: X9sw1Zr8bAUw7F7sDeuDh.4SKpCYb.Kd
content-encoding: gzip
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 212699
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jan 2024 20:21:44 GMT
server: AmazonS3
etag: W/"daac96423996349da2447fd453e5f6ab"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kqt4-SOIncptP777gGSGQjAuzcM-PEZ0AKHGAdto_g_eexQ2lzoMug==

GET
DATA 200
OK truncated
/ Frame 4FCD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce3dff54a6241e99217cf4ef9da97a171d16782f1bcdc4ec30d83dba75c9eceb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401090101&jk=3691184608092061&bg=!t7SltPvNAAaumcC-jpk7ADQBe5WfOCDnFuj1Wn5rtnAY_LG_XSHpOOCMoM6BI6E8_EqZxUNx_fc5LssvoC93X-hLUD3rAgAAAEBSAAAAAWgBB5kCwC8I41ydh6fIvEq23QVITOU2Fo0A5j3uPmwZQW13J1Sp4r97hKp5mlgiyJXF6ZEsIjpA0RQIeXuZ8zZ8vUadcrmlhTMHDNZRj0nF766NoEj01N-wKwhUqRpnsi4lgAOUG1i-6CwuajMYBmxz9zdYgVgkfqBFRARbU3FJSA6H2fFJ6vX3qpcmbz6JMSaMdxjMTfWa2fNHcvv63csnPeTqeEXHTXoA7Ej-SIB9L7tvqdg1o-Dha8dl53SSvLSoul7gZu-Oek2iBEn5H_55EVjx7svjkApUXn2RRMvS3g9k_QyZyExEsPJTzghr0Thy9STPgkcQsxma13Cm4fzd0VtRyhj0mBSHPz11Eg_Vm_i5Ce8B3BJnP_mr8Fpr5ZqSFIwgYRMh-yXVlwMAZTpNMNfE20Rs0HFtNoa87G8o9IBgsQ021GVanpY4MyRAzyxdimklrTiCOgATce_y35GccdJTNO0l3d_CZQwcTwWQFrqA_GG9qRvJ6PibAq9tvLUWX3v7zu2ZMsZ6CLbXeyok6BMCrE2vrUEoJVhFG15PO1tdIeFx3sKaFmwExgDk1990qRi-JMOszC0mmcLPgYZ5HEHZLyPZK2BzoItAL46E2pzc9qsJywEz7Bui8pb0l8vX7xt5WhCiuIEiRfpUbD2mFRebbK6rIg2sM8HMkwdpolwsZ9fXs0z2A35PGEg3dYHq3NMD5YdZW-FeLTppzfLH1xQZqC6lroWYyuuHBQoOEsSSLiZwToSwomgQXRBmeKPjV2NojqOESzCXU7LuCOdexE7_-ori4fKlN9h4GlqRoNeht4D7NNWuX-KerixNMbHlLyXuzn5ANFaGvdehJm3fCwNJctkg0UKmhC_ObRcvDcIvSMslNkxDAfevvu5OuCWm52PC9Q3HU3MdwGxBjOpN-vFvOoppegxeDTDR9bPjUrj1EAjQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edonmanor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 4FCD
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1686316/75378114/skeleton.js?adsafe_url=https%3A%2F%2Fedonmanor.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fedonmanor.com%2F&adsafe_type=e&adsafe_url=https%3...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

7ms
7ms

Script
application/javascript

2600:9000:223f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9179037
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: krSsrvZZLz37ro_EMdop81Hcb9CefZTZcWc4GF-uO_FWM_CCiLYaYA==

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: app09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9E89 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
URL: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9708965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: RMlYrQgeJU0ejzN6rYft3PVLYMZsmTW8PmfqlgC0W17YUjNO7WUCQg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
216 B 547ms
175ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVD7z,pingTime:-3,time:77,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:65%7D,%7Bpiv:0,vs:o,r:l,t:77%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:77,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:66%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 548ms
178ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVD7A,pingTime:-6,time:78,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:78,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:66%7D&tpiLookup=ao:edonmanor.com*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 548ms
179ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVD7C,pingTime:-2,time:80,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:65,bdZ:955,beA:956,beZ:957,mfA:1010,cmA:1011,inA:1011,inZ:1014,prA:1014,prZ:1017,si:1021,poA:1022,poZ:1031,cmZ:1031,mfZ:1031,loA:1033,loZ:1035,ltA:1035,ltZ:1035,mdA:957,mdZ:995%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.108,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:65%7D,%7Bpiv:0,vs:o,r:l,t:77%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:80,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,siq:66,sinceFw:13,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 337ms
180ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVDb2,time:292,type:e,im:%7Bimprf:%7Bttecl:1158,ecd:201,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:212,o:80,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:i,t:80,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B213~100%5D,as:%5B213~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:66,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 271ms
177ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVDc2,pingTime:-10,time:354,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704963915518%7C%7Cbc11b01579bb74bee76fea8b4b193935%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7C87dfd2ce705a51ef8fe93f8967b70843%7C%7C8fd8508401483ced23fbfdb2e28c7d49%7C%7C5ee569903b29121b110da421529801d8%7C%7Caae947d98367c6f8ac998778eb75c6dd%7C%7C6488955e38b343a30d3180ff87262840%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:15 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DCE 0
20 B 87ms
87ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9235712416186&version=m202309260101&ct=119&x=1&cor=9587174079708744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4FCD 42 B
174 B 87ms
86ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw7VKxh9QC0h5225jdnMINtxyBand7Y6wL6wAIwff_v86S7tWmb3jGKG5rauDeJwsqCFPY5BCz-etoah2-1fAIBd2th4Ir6LaEEw0NGhYQhWr7vJ8Q1xAbC-dN-16lffMjiuFZTvtZhPq4pG7PaWVaYHr4&sai=AMfl-YSqLSJlKMZ4EjJFfsoTjto9adGoiGO_n4JolKbGEsG22bc2hDSTNmBbFTOcDQ5rFgGCPa3w7FR3zLce9gxvxwz6CV_ko1yQTrnkvkdw5SP-r9qZ8075hg65sTHKQ5n1fpz5U-vQaiUYdzFkQLv3&sig=Cg0ArKJSzA53xbnr6AU-EAE&cid=CAQSTgAvHhf_Xe6k4pwDuYx4M07Ldoqlqh9_JHhXOZPemEH07guqdCfz5crrI34_DCDeksgvFWIxQhQKnfWYFol4YcJozL8XVShBAjj--SL10xgB&id=lidar2&mcvt=1000&p=1110,436,1218,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=4045757738&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704963914208&rpt=969&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVDnL,pingTime:1,time:1081,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:65%7D,%7Bpiv:0,vs:o,r:l,t:77%7D,%7Bpiv:100,vs:i,r:,t:80%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:80,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:i,t:80,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:507,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:66,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:16 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4FCD 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:d98b:669d:3320:881e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1686316&asId=9904ec40-a386-e3e9-2f9c-4d8572e8eebb&tv=%7Bc:YVDnL,pingTime:1,time:1081,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:65%7D,%7Bpiv:0,vs:o,r:l,t:77%7D,%7Bpiv:100,vs:i,r:,t:80%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:80,n:77,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:65,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B20~1,0~0%5D,as:%5B20~728.90%5D%7D%7D,%7Bsl:o,t:77,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:i,t:80,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:507,fm:u12KPMw+11%7C12%7C13%7C14%7C1511%7C1512%7C1513%7C16*.1686316-75378114%7C161%7C162%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,siq:66,sis:268%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:d98b:669d:3320:881e Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 09:05:16 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Domain: a.usbrowserspeed.com
URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=bfd4bb6d-a946-4c76-bd63-ab410f3bcc3e&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
edonmanor.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 691c1bf31054c8a2b041176fd4afcea7
edonmanor.com/	1970-01-21 02:21:39	Name: _uc_referrer Value: direct
.gumgum.com/	1970-01-21 02:21:39	Name: cs Value: true
prebid.a-mo.net/	1970-01-20 17:36:04	Name: _Amc_b Value: 0
.prebid.a-mo.net/	1970-01-21 02:21:39	Name: __amc Value: 1_1704963912_1704963912
.quantserve.com/	1970-01-21 03:06:18	Name: mc Value: 659faf48-71e21-81982-d14cd
.edonmanor.com/	1970-01-21 03:00:32	Name: __qca Value: P0-11984869-1704963912384
.adnxs.com/	1970-01-20 19:45:39	Name: icu Value: ChkI3vOKARAKGAEgASgBMMje_qwGOAFAAUgBEMje_qwGGAA.
.adnxs.com/	1970-01-20 19:45:39	Name: uuid2 Value: 3680210318319588292
.rubiconproject.com/	1970-01-21 02:21:39	Name: khaos Value: LR8ZHQCK-T-98JJ
.rubiconproject.com/	1970-01-21 02:21:39	Name: audit Value: 1\|naVuGyos1qrXSmIle41FWz5APvdogVCbaTd6KyMQnaviXIXbtn90wxiIkRgPUQbPqrUfibb9KrslLtiWQsMCh8xuhZpbWKLti4E1Sg1Jfgy+xUA9sgf/4eNEKcfJxgEB
p2.gcprivacy.com/	1970-01-20 19:45:39	Name: gcid Value: a25ffd0d-d18c-4107-99a4-69a22d75eb4c
edonmanor.com/	1970-01-20 19:45:39	Name: gcid_first Value: a25ffd0d-d18c-4107-99a4-69a22d75eb4c
.criteo.com/	1970-01-21 02:57:39	Name: uid Value: 5e1ffd54-5e5c-44d7-af3c-b957f7b4f440
.criteo.com/	1970-01-21 02:57:39	Name: receive-cookie-deprecation Value: 1
.edonmanor.com/	1970-01-21 02:21:39	Name: connectId Value: {"ttl":86400000,"lastUsed":1704963912788,"lastSynced":1704963912788}
.openx.net/	1970-01-21 02:21:39	Name: i Value: eb1e5847-7741-425f-be76-9f90c665936e\|1704963912
.aggle.net/	1970-01-20 19:45:39	Name: aggcid Value: bfd4bb6d-a946-4c76-bd63-ab410f3bcc3e
edonmanor.com/	1970-01-20 17:36:07	Name: _lr_retry_request Value: true
edonmanor.com/	1970-01-20 18:19:15	Name: _lr_env_src_ats Value: false
.aggle.net/	1970-01-20 19:45:39	Name: aggsubsid Value: gAAAAABln69J3fJeB2RM5U1xlNhuEPbnfyipAUEKc7SHYJ3IyeO9o3HJCtC1mUrmqznlGHFqaxftBXtJn_HzJWuoCas85H72Vg5hyxVhTdzoIm-RwPUkROTZmt9WITAwrU4zE9PY0YmrXjlmWfPAm-a78aHvl63vQff8X6i57eHjfZksxgYO3Ss
.aggle.net/	1970-01-20 19:45:39	Name: aggsid Value: gAAAAABln69JkkFaSPeSOrLGG8_4oHO-vkOcsYcEDyYkRzwSzvV4llwe_xiGPoqix4Cv6M-NCf6PU3JRnlaCM1iLP083oL7miT85qAglzt_FCWVD1lSWMRg
.liadm.com/	1970-01-21 03:12:03	Name: lidid Value: 285d6772-f219-4010-bfb6-dad7fff31379
edonmanor.com/	1970-01-20 17:37:30	Name: pbjs_li_nonid Value: %7B%7D
edonmanor.com/	1970-01-20 17:37:30	Name: pbjs_li_nonid_cst Value: zix7LPQsHA%3D%3D
.edonmanor.com/	1970-01-21 02:57:39	Name: __gads Value: ID=78b3cb5144aa78e4:T=1704963913:RT=1704963913:S=ALNI_MZXepemsVTJUGJEuh9mojZxrjwfLg
.edonmanor.com/	1970-01-21 02:57:39	Name: __gpi Value: UID=00000d3f63d1f84a:T=1704963913:RT=1704963913:S=ALNI_MblnzJGpBSD03K6-D283F6PJ3YU4Q
.adfarm1.adition.com/	1970-01-20 19:45:43	Name: UserID1 Value: 7322764251494024409
.edonmanor.com/	1970-01-21 02:57:39	Name: cto_bundle Value: m1PVPl8xM2lTYVBLNGZQTVhHQmklMkJkWXNPV0VLbjVscEdoZWlXTGt5M3l1Y3RacWQwc1JmbyUyQlpvSG5TYXdMaGVEcXlWQ3F5ZVN4TlBueU80aWttNUo3cXElMkJSTER2blVKNEhPNVdlSTZWa2gxQVQlMkZJdFA5S1JPMjVvazl5Y0ZITnpOME00QVRCJTJCV205S1Foa1VjTjBEVjBkREx3JTNEJTNE
.doubleclick.net/	1970-01-20 21:55:15	Name: APC Value: AfxxVi7BnYCvffi7eCtE9sbNULiKewrnYC_A5ddj0ioWGUzueHqt2w
.doubleclick.net/	1970-01-21 02:57:39	Name: IDE Value: AHWqTUmC9FcKzhDfXDtFFzX0xm8nhNLdRcUurP2QVQjv1Y6jymjDOU7v-MJ36ZlwYoU
.casalemedia.com/	1970-01-21 02:21:39	Name: CMID Value: ZZ.vSoB2fYBjLbu1xktCvwAA
.casalemedia.com/	1970-01-20 19:45:39	Name: CMPS Value: 3171
.casalemedia.com/	1970-01-20 19:45:39	Name: CMPRO Value: 3171
.adnxs.com/	1970-01-20 19:45:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Ks+)Xx!]tbPl1M>e)ZlrFUfJ+tGXxoD[ehi9AeO=nSMv-0YV.HQ:ar+^^ND/fx77HK3If)y3KL9D3I?+Ma2)Eo
.adnxs.com/	1970-01-21 03:12:03	Name: XANDR_PANID Value: sEcR6YLN1YFtivl42hDP3Mru580Tt-sN0T0s3Ylu5m0N4K5x910Mi2hVts4hvyjflAr4lAMTCuhCpJ1hmFiQTe5NDVlsPesY8_r2d-C-lr0.
.edonmanor.com/	1970-01-21 02:21:39	Name: cf_clearance Value: _j7gvIkX1GHYsOr3hrGS1RndAUQDnPvfgD1S2CRyz44-1704963915-0-2-119e12c3.1972c213.c9e62b0c-0.2.1704963915

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://p2.gcprivacy.com/v3/id/xandr?id=3680210318319588292&gcid=a25ffd0d-d18c-4107-99a4-69a22d75eb4c Message: Failed to load resource: the server responded with a status of 503 ()
javascript	error	URL: https://edonmanor.com/ Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://edonmanor.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://a.usbrowserspeed.com/cs?pid=c7e3ce26eaec570ef329be40aeaf9cabc7b01d37dd37b285d3b98cf19a2e21bb&puid=bfd4bb6d-a946-4c76-bd63-ab410f3bcc3e&r=https%3A%2F%2Faggle.net%2Fjs%3Fpid%3DOS45X5SNC%0A Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9304a98ed45f2cf9e22b7a7fb2b32ea1.safeframe.googlesyndication.com
a.ad.gt
a.usbrowserspeed.com
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad3.adfarm1.adition.com
aggle.net
api.rlcdn.com
at.teads.tv
bcp.crwdcntrl.net
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
cat2.hbwrapper.com
cdn-ima.33across.com
cdn.adapex.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cloudflare.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
edonmanor.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.minutemedia-prebid.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
imagesrv.adition.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
lexicon.33across.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.quantserve.com
prebid.a-mo.net
prebid.media.net
proc.ad.cpe.dotomi.com
pxdrop.lijit.com
rules.quantcount.com
s0.2mdn.net
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
a.usbrowserspeed.com
api.rlcdn.com
104.18.36.155
108.138.1.25
13.32.119.77
131.153.158.209
141.95.98.64
141.95.98.65
142.250.185.162
142.250.185.166
145.40.97.66
15.197.179.7
172.64.152.89
18.196.19.149
18.64.79.126
18.66.112.124
18.66.122.46
185.89.210.141
2.20.142.56
217.79.188.11
217.79.188.9
23.211.8.12
23.57.19.78
2600:1f13:800:7780:d98b:669d:3320:881e
2600:9000:223c:5a00:10:dd8:5e40:93a1
2600:9000:223c:7200:6:44e3:f8c0:93a1
2600:9000:223f:8c00:8:48e:53c0:93a1
2600:9000:2250:f400:a:e047:753:a221
2602:803:c003:200::41
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:3037::6815:1127
2606:4700:3038::6815:eab0
2606:4700::6810:5814
2606:4700::6810:84e5
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:21::1780
3.64.142.32
3.75.62.37
34.102.146.192
34.120.135.53
34.120.63.153
34.96.70.87
34.98.64.218
35.168.180.16
35.244.193.51
46.228.174.115
51.38.120.206
52.208.204.46
52.215.121.196
54.161.113.161
54.194.101.149
54.246.43.192
54.71.65.132
63.33.168.200
68.183.18.251
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05bfd994b35f0b384e497b0d0c0a6519a99087088aa728945f35886a217c940a
06a1ab381aa86e1ca868a9882a107fb91b8d5a1e1d7483fa597cfa0c55935508
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b4e7658e90e7afca0c35c16822dc51d89f435c684fb54b4fae80b8caf7e98f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c65abbd902a4029d80d7af27b68262be2d60b6e44ab91d74803ec980f3f7889
12d2d3fe7a77cf9221dc746415bebb5cc2259cab53d31e1f07de1b8bd344da6b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a131c7b928ce17cee9b762ad8d7f8619e00830116320dddca775a2079fa86b
18786f4678a0fcdcb54513aa12955d28408733bfcb20582ec10eb73fbeca8173
19100903102b04fef880e5a83c3362e5b48e596cb95007eedcd1946d36454f1c
1d79041b42c6bade0e75d7433fbf2ad56fce1f5353716dcc1550b5a2528f0621
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
1ec59a067ba6ca9573c5443f4162b16b1b3349c34669eb4e7f4be7a20bdc85e5
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26988dd802ec64dc2efb2fc7f55f73010525d83c6e911a8d27abc2a605cea503
2bb65a55aaf41e58463abf83907b9da83b273bb480b8a7636658a77433608419
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
372d61c2521df84f02ada52ec1ae000a9b641068cd36d0f90badee17ca7bd7ea
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ad622c490c8b2f080cdced825459ed26350c82eadddefc99af5287c1ec80ecb
3c4d394b6834ee9c3daaa5241742ea2aa225f4d0098759cde673edfe2e1b36c3
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42cbc6c3fb29a6570fe9ab29a13852a61c8a9cb9bf4cda12408079b199998c61
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d979d1c9096f0ee9bea886d14216acc57d3f63fabc083d5729dc49a1530797
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
49141ee895c8d35118b1d21d3101fd2cc6da7c950f0b8cf7921f21be726978be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d97c4713c0a665a8bf5fea113202a46cdd194e41f2cf885995f405345143c7c
4e140ecc3c649a4f5f48a586077dad2f1f3e0b3f17c78386b3d639222c16a495
4ece0eb9e132d85aa47dc012a52e64533a26348a58c6820434a57171970b4081
506bafc5e19fdba479d912204ef60ce4c94595238b59e7fc89091b94c1acf3c1
50e8b543d54ae0af6da7ecaf0991445b6eeb759ee37f9d91420fe205df2c2611
526e7a239a5a444ac4ab802450f02d03dfd4b7c31e14ee7ffa3fbbb17a01548f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5307d475d1dcbf815d9d8c3fa96662c224c6a7335f0fb6c12214a312422e4e69
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561df1b48e939ca4645539801a39f1fc746e465974ce6aed2f1cd6e582d4c67f
58e41ef286e84d66eb28248ab640b9cae88f4399539c0db756542a9c2970afc8
5941da772e00613d1353f664dd7a55153703c598daa44312a6510b1928cca8c4
5a509c3a98e421391064c01999a1a9bdb347444d475cbf64edbb29af28ec34cc
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66fc08b67f0878719ce275cd1d7bd852de3749f2840bdd5887c1b337d44facfb
68e6fb5c05b42b8dca545b8cf9438c8d8ba25f770b53a34f37d5c98fed1951eb
69719a9c870d154c5ef24b5bc9116a9d2d7a9dee81335b17f4797d68980f4609
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
816e50e6068902cbb3457ba2b672a8becf1bff9e8f17ea719c1e6b71c95f2724
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8788ba4e9ed874db408e6ad1f9df6628ba384c6b185b73aeb6790a7abbdbdd3b
8934a17fbe891605b360c74a9c1222b5c13b80724c5b66a18c37273dbb825599
8a1c63b591eb5f854e83a1c183cc007553c8649ce570724dbc77d05b29750615
8ab49270e2fe531af03fbd808d688426c49bc384c142409c41bcaf47d619f500
8e36e7ce2d718264cdf1194a40c8767443d71134277d4001d904a0482eb5d699
932322769c564ae9269d0b3bdf97e468e162f3dc141ec98bf18f4053cf4ecbe1
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93abbe9a158ffb11fd2ba05dddff30ed3d7205bed155ff90160287f353cb749b
987254ac9c7f9c47d9bf0ee80d13bceeebb1e51e346b61e712318a9022e327ea
9bec4810857c8523bd1c6966212260eabb19826bb94394bb19856f7dd92b1c32
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9f7f40cc428b94599c355e7a5c28f1ac472fa05c956cdfd103ef08949db0b91f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a26d88d48098618267fa987e2b9845bcf35d463876a73b2a1a692a1bc45499b9
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a31fb59823f28fc059a1d5a701c7e0bb74dd2c6bc0f0b76cf4279260e4118ce5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a55507d56bf03708aa74289cf3d7cb472e2d26153b7f526ecd3667e7b3193b2b
a70514da7d3910a506603d478e4c74b70ea842f1b29341dc5bb3e5f580623ea8
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ac2db4ca2049d3eb3cc9d8efaef3d9e4e3012173b4df8f305a95fd4b596ae7c4
ad7f6fe41dd709881e9b98267ab838582c8da1f29c1eac449b1b12f5de1abc12
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0e2e0232cf500d5f0723e8b6aa8644f320ea85cab361b6f9f6762df57175908
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38addbdc404414a4cbe7f910fef976db9f75449444d90742fbcb2dfac314b98
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
bd3a4d8bf0c729b06a3dc960854b7cec069097c4447ac6ce4606a1d18d8dd9b9
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bef3fc21e413d328bdb61b0d0124c26123cbde36bacff3aae8ffbc7ba1b36498
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c505f7e821ae7a1c88e6ce02d8e38b57233d9997445ce06b9ce50be989df5d7c
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cb0076d5efaa169e7449ff8e49406f4872d6aab423d290a676d719a75b2b6603
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd9ff2c664249c8210de8bedae0215e664d0a9ac7509c49c85e81c4186044821
ce3dff54a6241e99217cf4ef9da97a171d16782f1bcdc4ec30d83dba75c9eceb
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d0c7085e7e36081c5551b55034c3690c14ef561b77fc17447e90c7a365bf93d3
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d13aaa75c7d30da07570bf66f4c2a2bce18dfd77ec7e6236a9c756014342f231
d2514d000eea26a3d1b2fe505419e6636ab9030d03fb5fe524cbf2b4e495b0bc
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d71122eff7fb4c76ea96175fb415caad097cb88820ba02092b88fc03cbb24922
d7b28c32c9512cf3fbbaa3c4e6b91914c9531b12b4f31aeb540561a84a7c6d2f
d9de8d9b25f632b10096c516c27ab9bed75e2965589a4485e7c83b55c4e48e7c
db130066c40411769ead227b3226c6e5a58d35c7829a4f19e433743f902b5b70
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de594072b66c086520a1f313b4f174a37070329da78a8600e0f84cca5f79d30a
e313cfc6f8f7fc8f61311a9a5a373fca0408090d2f9b95543147e786b3b7f9fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4877b4a0b89ba592086a0173c926e5e8631c64fa8a9381074bcf7e0213f2c58
e7c5aa6d0357b62b02c6b097ded7dace2d7d73c9d3182ab4769d6d885d42df3f
e879fa34664eefa304af5da1dca318e39d37420dcdb18f334958e5af4f87184f
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ebe7044b5e09f04752eec4d51e3fcd3f0f0cd54a08900b7a3c8571367408ea4e
ec4a9c2c1194d61d725c98b8a30622e4ba68cb783d8754873d8953a74e2de0bc
ec97079c53f7fb89d9fa806d5765d01895b8036bf1aa86ef7fa1777216b9a584
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef21ee3880c770c553ec2e025c2fa49ab79ac51934fa041f08fedf9790c2c0b0
f2b3619b6a76c240f2dc901d47efef6a1a9f726d33aa578252c548b2dd4a5935
f2ec6edf3a3e1cc1c8da987af1cf5ebd654d1523064ffe10f7c7d215a0124811
f32e80ab93b34d4b6ce2db54bab34c5e4b8f3b5338e4c70a8af6905fe1437816
fac330ba87aac879a5fa2f26da14905cf3d7cba62285b608e1190d33fda610ad

edonmanor.com Open in urlscan Pro 2606:4700:3037::6815:1127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

91 %HTTPS

43 %IPv6

53 Domains

74 Subdomains

70 IPs

8 Countries

2538 kBTransfer

6177 kBSize

37 Cookies

1 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

edonmanor.com Open in urlscan Pro
2606:4700:3037::6815:1127 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

91 %
HTTPS

43 %
IPv6

53
Domains

74
Subdomains

70
IPs

8
Countries

2538 kB
Transfer

6177 kB
Size

37
Cookies

193 HTTP transactions
1 data transactions