www.tndeer.com Open in urlscan Pro
2606:4700:20::ac43:47e0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tndeer.com/
Effective URL:
https://www.tndeer.com/
Submission: On April 11 via api (April 11th 2023, 10:27:41 pm UTC) from US — Scanned from DE

Summary HTTP 330 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 38 domains to perform 330 HTTP transactions. The main IP is 2606:4700:20::ac43:47e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tndeer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2022. Valid for: a year.

This is the only time www.tndeer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:20:... 2606:4700:20::681a:4e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700:20:... 2606:4700:20::ac43:47e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:20:... 2606:4700:20::681a:5e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
1 2	172.64.154.204 172.64.154.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
18	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	44.208.38.30 44.208.38.30	14618 (AMAZON-AES) (AMAZON-AES)
1	2.19.228.187 2.19.228.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	54.194.226.232 54.194.226.232	16509 (AMAZON-02) (AMAZON-02)
49	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	52.51.126.33 52.51.126.33	16509 (AMAZON-02) (AMAZON-02)
38	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
1 10	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:4600:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.194.225.26 54.194.225.26	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1078:1	200325 (BUNNYCDN) (BUNNYCDN)
7	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	185.29.132.246 185.29.132.246	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
1	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.125.26 3.125.125.26	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
330	50

19 2606:4700:20::681a:4e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:47e0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adligature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:5e9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1079:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.208.38.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-38-30.compute-1.amazonaws.com

app.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.228.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.126.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:4600:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.225.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-225-26.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1078:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.149 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.157 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.125.26 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-125-26.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:4dc4:1acd:4e16:7f78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	googlesyndication.com 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	2 MB
57	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228	260 KB
37	tndeer.com 2 redirects tndeer.com www.tndeer.com data.www.tndeer.com	257 KB
24	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 6863 trends.revcontent.com — Cisco Umbrella Rank: 1978 yeet.revcontent.com — Cisco Umbrella Rank: 7673 img.revcontent.com — Cisco Umbrella Rank: 10302 cdn.revcontent.com — Cisco Umbrella Rank: 8139 images.revcontent.com — Cisco Umbrella Rank: 7539	166 KB
18	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	6 KB
18	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1960	410 KB
10	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 7285 data.ad-score.com — Cisco Umbrella Rank: 7066	159 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	439 KB
8	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4998 pixel.mathtag.com — Cisco Umbrella Rank: 1107	6 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 7832	1 KB
6	convertbox.com cdn.convertbox.com — Cisco Umbrella Rank: 28323 app.convertbox.com — Cisco Umbrella Rank: 27725	161 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2284	20 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	110 KB
5	pubmatic.com 4 redirects ads.pubmatic.com — Cisco Umbrella Rank: 509 image6.pubmatic.com — Cisco Umbrella Rank: 779	67 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 913 r.turn.com — Cisco Umbrella Rank: 3710	2 KB
4	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 30762 hal90009.redintelligence.net — Cisco Umbrella Rank: 409211 hal90007.redintelligence.net — Cisco Umbrella Rank: 325463	8 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 416 mug.criteo.com — Cisco Umbrella Rank: 2381	1 KB
3	adligature.com cdn.adligature.com — Cisco Umbrella Rank: 80376	123 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	203 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 584	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 830	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 820 s.tribalfusion.com — Cisco Umbrella Rank: 2028	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 368	653 B
2	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2798 cds.connatix.com — Cisco Umbrella Rank: 2895	263 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 828	339 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 712	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1557	351 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 804	713 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	104 B
1	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 15498	2 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1729	317 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 437	624 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1429	249 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1464	646 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5325	208 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	559 B
0	rlcdn.com Failed api.rlcdn.com Failed
330	38

	Domain	Requested by
49	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com tagan.adlightning.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
38	tpc.googlesyndication.com	tagan.adlightning.com 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com www.tndeer.com googleads.g.doubleclick.net
26	securepubads.g.doubleclick.net	cdn.adligature.com securepubads.g.doubleclick.net tagan.adlightning.com www.tndeer.com
18	googleads.g.doubleclick.net	tagan.adlightning.com www.tndeer.com googleads.g.doubleclick.net
18	tagan.adlightning.com	cdn.adligature.com tagan.adlightning.com 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
18	data.www.tndeer.com	www.tndeer.com
17	www.tndeer.com	www.tndeer.com
11	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
10	www.google.com	1 redirects tagan.adlightning.com googleads.g.doubleclick.net
9	www.googletagservices.com	4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	images.revcontent.com
8	4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
8	adservice.google.com	securepubads.g.doubleclick.net tagan.adlightning.com
8	adservice.google.de	securepubads.g.doubleclick.net tagan.adlightning.com
7	data.ad-score.com	js.ad-score.com
6	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
6	yeet.revcontent.com	assets.revcontent.com
5	cdn.ampproject.org	www.tndeer.com
5	assets.revcontent.com	cdn.adligature.com tagan.adlightning.com
4	image6.pubmatic.com	4 redirects
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	js.ad-score.com	tagan.adlightning.com js.ad-score.com
3	trends.revcontent.com	assets.revcontent.com
3	app.convertbox.com	cdn.convertbox.com
3	cdn.convertbox.com	www.tndeer.com tagan.adlightning.com
3	cdn.adligature.com	www.tndeer.com cdn.adligature.com
3	www.googletagmanager.com	www.tndeer.com www.googletagmanager.com www.google-analytics.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	pixel.mathtag.com	tags.mathtag.com
2	hal9000.redintelligence.net	www.tndeer.com
2	match.adsrvr.org	ads.pubmatic.com googleads.g.doubleclick.net
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	tndeer.com	2 redirects
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	hal90007.redintelligence.net	hal9000.redintelligence.net
1	hal90009.redintelligence.net	hal9000.redintelligence.net
1	cdn.revcontent.com
1	fonts.bunny.net	cdn.convertbox.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	id5-sync.com	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	img.revcontent.com
1	polyfill.io	tagan.adlightning.com
1	ads.pubmatic.com	assets.revcontent.com
1	cds.connatix.com	www.tndeer.com
1	cd.connatix.com	1 redirects
1	pro.ip-api.com	cdn.adligature.com
1	www.paypalobjects.com	www.tndeer.com
0	api.rlcdn.com Failed	ads.pubmatic.com
330	62

This site contains links to these domains. Also see Links.

Domain
smeagol.revcontent.com
help.revcontent.com
www.revcontent.com
xenforo.com
customers.addonslab.com
xencentral.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-18` - `2023-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
data.www.tndeer.com Cloudflare Inc ECC CA-3	`2023-01-29` - `2024-01-28`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
cdn.convertbox.com R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
assets.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
convertbox.com Amazon RSA 2048 M02	`2023-03-01` - `2023-08-25`	6 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
revcontent.com Amazon RSA 2048 M01	`2023-02-14` - `2023-07-16`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
img.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-02-15` - `2023-05-17`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
fonts.bunny.net R3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
cdn.revcontent.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
images.revcontent.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
redintelligence.net R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://www.tndeer.com/
Frame ID: E69063477908146BB0CB1839E78BCD59
Requests: 119 HTTP requests in this frame

Frame: https://www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681243200
Frame ID: C31F2C61B918126050688154358B4468
Requests: 3 HTTP requests in this frame

Frame: https://cds.connatix.com/p/255837/connatix.player.dc.js
Frame ID: 9C19DF8B44D24ECF21E7B063A75DB190
Requests: 1 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29066E08BC88F17B767214426B96FA1A
Requests: 1 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3A50A01DE0A3E30F34A7DDBCAB271EDB
Requests: 15 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0B3C324E2D79A4B68C0FB34587ADC6C
Requests: 15 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DD3052B47024AC2925C273BE24C770E
Requests: 15 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D64389C52FE69754D06397166BDC8F28
Requests: 15 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 357879D97E2BE165A4A6C6F2D2C79889
Requests: 15 HTTP requests in this frame

Frame: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Frame ID: BC81D3714A3F15305AAA074BA4CFD96E
Requests: 13 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C9F4800D32DC50DB87F3F3C3E19C9586
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC024E2BB91B82AE99C03E0AD94546E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E32FA37139CE26B8A34969887E0DBDF
Requests: 2 HTTP requests in this frame

Frame: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 20433FAB381FEDB324578AD7BCE1BC28
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html
Frame ID: 2BEF0D7CBF0865F5747B5C62A0A82872
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=6628d82&pid=1000177
Frame ID: F0067A1A42EB637F7453515DFC257691
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755398&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051794&bpp=6&bdt=1976&idt=940&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=4944760285053&frm=24&ife=3&pv=2&ga_vid=506964290.1681252054&ga_sid=1681252054&ga_hid=1443730944&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071755%2C31073585%2C31071261&oid=2&pvsid=1732632179286221&tmod=54957783&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ib9wn1fut1iz&fsb=1&dtd=2336
Frame ID: F61FAC5E0B5055275618B89FBDD13009
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755400&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051653&bpp=8&bdt=1822&idt=2370&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=6001878256996&frm=24&ife=3&pv=2&ga_vid=508674425.1681252055&ga_sid=1681252055&ga_hid=1192747380&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31073585%2C31073787%2C44785293%2C44786501%2C31071261&oid=2&pvsid=553665147247335&tmod=1591938294&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ow7icte3uckw&fsb=1&dtd=2879
Frame ID: 8941F6932C3F289B718A62CB80E09B65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4342707793&adk=655777048&adf=3173046729&pi=t.ma~as.4342707793&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051794&bpp=2&bdt=1976&idt=2263&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4944760285053&frm=24&ife=3&pv=1&ga_vid=506964290.1681252054&ga_sid=1681252054&ga_hid=1443730944&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071755%2C31073585%2C31071261&oid=2&pvsid=1732632179286221&tmod=54957783&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.kjzf2nkl2ll1&fsb=1&dtd=2778
Frame ID: F9EC992A034C6038859016A0F982BDEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052174&bpp=7&bdt=2304&idt=2003&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=8587493316629&frm=24&ife=3&pv=2&ga_vid=934290547.1681252055&ga_sid=1681252055&ga_hid=1636295498&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31071261%2C31061690&oid=2&pvsid=769082398379340&tmod=1455190391&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t6n3qsqo6x8g&fsb=1&dtd=2478
Frame ID: 51C373DD53FE73137510C95790D02314
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=8115621213&adk=3600638404&adf=3173046727&pi=t.ma~as.8115621213&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051653&bpp=3&bdt=1822&idt=2618&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6001878256996&frm=24&ife=3&pv=1&ga_vid=508674425.1681252055&ga_sid=1681252055&ga_hid=1192747380&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31073585%2C31073787%2C44785293%2C44786501%2C31071261&oid=2&pvsid=553665147247335&tmod=1591938294&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.d7t3gjq2p8e5&fsb=1&dtd=3035
Frame ID: 8A516E2A04203A08B3A63796EF4342DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052341&bpp=7&bdt=2457&idt=2027&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=5587738028122&frm=24&ife=3&pv=2&ga_vid=1478913180.1681252055&ga_sid=1681252055&ga_hid=1028215158&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C42531705%2C31071261&oid=2&pvsid=3720251294834545&tmod=271836378&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pffj99yaeivb&fsb=1&dtd=2437
Frame ID: 6EAC20B615ABEE265606FC1B6A88BFD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=3173046726&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052174&bpp=2&bdt=2304&idt=2267&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8587493316629&frm=24&ife=3&pv=1&ga_vid=934290547.1681252055&ga_sid=1681252055&ga_hid=1636295498&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31071261%2C31061690&oid=2&pvsid=769082398379340&tmod=1455190391&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6rvfda5qpt2y&fsb=1&dtd=2640
Frame ID: C4D9C4FDD1E1706E7D642E4E25725580
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046725&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052341&bpp=4&bdt=2456&idt=2279&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5587738028122&frm=24&ife=3&pv=1&ga_vid=1478913180.1681252055&ga_sid=1681252055&ga_hid=1028215158&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C42531705%2C31071261&oid=2&pvsid=3720251294834545&tmod=271836378&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.wninsf3080ba&fsb=1&dtd=2598
Frame ID: ACEFFBFE9922A7FAA29AC584D0B8D9E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79F7C685547A6CA25F2E18CAF3C9A743
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 018ECB754CA70D41EFB09B7721D4194E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0BA74DB5849964D2DDF5FE45D895227
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D78B71E7760D268FCF3FC9B3EC71C43E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755405&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=6&bdt=3310&idt=829&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=3718433483744&frm=24&ife=3&pv=2&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ssyheegkttd0&fsb=1&dtd=1167
Frame ID: E942401E4D64843D7AEFF9FE6F034CDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417941&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=4&bdt=3331&idt=846&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=2976583369586&frm=24&ife=3&pv=2&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.szblv1lpe5q7&fsb=1&dtd=1195
Frame ID: D81D2A07DB07645D2D6F5EA8A2F1B3DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417936&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054844&bpp=7&bdt=3162&idt=816&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=7668444842580&frm=24&ife=3&pv=2&ga_vid=850890244.1681252056&ga_sid=1681252056&ga_hid=665472747&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C42532090%2C42532186%2C44759837%2C31073584%2C42531705%2C31071261&oid=2&pvsid=1724737715024043&tmod=1824385046&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.hf1afa445duj&fsb=1&dtd=1163
Frame ID: 6117F111A5C0595617058129F5E628D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Frame ID: BD90C17638D27F6ACCFA4EB11459AA2C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F111272EA21E62B5CB97DC89AB6DAF8C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C28FAF34CAA7C53B8B19361AF7354D18
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEF6F38C55959FF37BE8B2A5FC29F766
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6C0211ABF4A0E0D7A08AA308F3ED380
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=250&slotname=9237131191&adk=3628223246&adf=776186313&pi=t.ma~as.9237131191&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=2&bdt=3331&idt=992&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2976583369586&frm=24&ife=3&pv=1&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.koniljq050ob&fsb=1&dtd=1414
Frame ID: 5E99D7BC6556DBA9E200DD71817BC539
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=776186318&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054844&bpp=3&bdt=3162&idt=969&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7668444842580&frm=24&ife=3&pv=1&ga_vid=850890244.1681252056&ga_sid=1681252056&ga_hid=665472747&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C42532090%2C42532186%2C44759837%2C31073584%2C42531705%2C31071261&oid=2&pvsid=1724737715024043&tmod=1824385046&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.kcy7c5q8np2z&fsb=1&dtd=1410
Frame ID: 8911F56C5A6D8E439CF548E6F58642CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1932A9B11BAA8402AFAF7885DDE4F8E5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE3BECF1BF54137A9CA8B5C1EAD6DA5A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5860FDF25BB663A484F953E40172A59
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A6C937BF726EAF6A18E33199E84303B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 176F420709ABF99C011F176B30E7D69D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 292E6CE6CD48A80C461D44D053F64975
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02882382C4172D3D70535D39BFD2B525
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 858F14839E637F6E20D975A1E63328EF
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tennessee Hunting & Fishing Forum

Page URL History Show full URLs

http://tndeer.com/ HTTP 301
https://tndeer.com/ HTTP 302
https://www.tndeer.com/ Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

330
Requests

95 %
HTTPS

51 %
IPv6

38
Domains

62
Subdomains

50
IPs

10
Countries

4210 kB
Transfer

12547 kB
Size

35
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://smeagol.revcontent.com/v3/vJDZfd4myNtGh8k8djTqXL-uVxJedaTP0ufPActxipwIi2H9kJcfmsq8aEV9FJcOwqAALmXJckRP_EJ2MSwiIJft-AQJlowNaWTn6lFyRfeYyK7vnytBv4gapDZlgj6yhoFDzXK0wSAs1CDOEOyhRAU_3ClugTDfmXguna3b3i7mJCRO9Pq2PrAU1y1ibdUo7jP3RJaxJ4bDgIMpAiwPvLeS05dfqOojupZIitsfZshItMp_DE_eM94-hg35BxcZL2Seq9YLYjNYQcqmHdM8WirWHXvbLxzO7xFO0rR4Y_oYvJpnm27x1wY7BvqXs0lfvZNqPmBWLaLvBqc0IDfG4urdFcYaL0CJBvSizIFk40HrXpXC5qyAHjAzUaXU_Z9843j8KwYk3LtsbA5GnyGyDi8FwZveG65MH41JHqXmPPhzCrORUp6zdNkNX_AWk90za02ms9ITrHGUM42Z7A5FjmMavAoQK1oQ7uwOh0Rrk_KiKV29ER9zUh9JWvl7o9EujO1Vt3uqUBrQXuKzPtLqxMC-eCnBkSCJy01dwIc?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABAdgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: This Video Will Soon Be Banned. Watch Before It's DeletedSecrets Revealed

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/KI0_vaudT6nxZ1ehFPPUlja94h6Ue_X15fZjtK3NXD3MdWtiGR9xxJVDfRmqVgyuwwg7ebIhVZ3NLfRa4skPbcfcd4P7qo9wKqA-QVMrVSvwQcIylK55JVpMhQfQym3S8KjwWr83S2GceX8i2cSGZ0dNUGdJjQfVHSCIzc0mQhPeLTn_b3E0rauIATZ_C4l5m5olM2NSEUYwNedOqLOMZiVWa1oKea5lBFlMqchOKDN74PK6o6ao_UD8CLi0mykaGMayKVMmogWO3SLpo_ncy-zsCt3wYqJulMCjACS7g3eT01QnkMVXSObcxY3_JMbCb14qENEwluLKbunwfO3FOadPVPQYypxW1yULOCjoIrGzwm1cVjdOJy-cT2EW3FKpM-CpIDtI4JrvWdX8KQGJqF53vh_Z8qKCgiK_vyualD4KUSn3ARxLutpSUxevc8x_eNRwx1ilzQRvK0-wrx257ERzFZbKGsEpQLswDjRFYR2UH9CWMIqJPfsOohBcuJL59aiMfUDe72JV?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABAtgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Read the Touching Story of Elephant Salvationviralsharks.net

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/62Pmz7ycG0LOpJg6_Kdl2RKOYAbuU58vwXRv1Y_1qVFMA6iuQaQkNIyRrt73fyFKeh0NmR0tY72rOT8vSiLrwD6ykrRi8vozpNl8S4FXk7tGw67IE3So-Eh7N4E6bk5XiI_xTpIff-a8cjOJ_hZp5wN_nNu8lUplUyqeNF2fwlfbZ0CzkNAVr2lGC-vCt8BM7mv-kf9HYVnVCtRssiSkjgFaKEwc-pNQPLHEmYrIzNIxFPDm4yf3Ak--xdcqdz8-TMzqgytlbVjn1tVYoIsvYaakueY99hN0cmhKo-4Bojp3Oi7Zu5nVFFBjn_h1DQjUV_eJevFwYlkX5Vmi3R386cUzbU22D7JUm4i8OyC6aQ2D7hilYUAQPGc_HBWUILbbiAiYgee2HdbLAvyGc0cfQPfKVZBi884GW1arXRdoHf4pTG8AilDlG1C5s43SjvgXX4-CdptonG2TfB1fZpQ579e94HcUg374rXGQ01m5jw4U7GBGyAjH4SfFBB_OKeSJ6ZJS91pVRr8KliFF63C8URuP9hrQCD4zu2Fz1AWKjSpzC_958MHhYLU-IuLtfIMxmWHvXwkZGEX_ZSLTQ0u56jdBmG-SXNvfnNs_sx2hC3aLCALTVvnLHVxeVJ72ShuqHCoINdJ6EEsmkRel9WnyUGYGQxvu5Nl9KdipYKjAUOG1G0PrMUQwhVWmxaDW4fo_2EhAateQFCEE0xtR3EE?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABA9gBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Bluthochdruck auf natürliche Weise loswerdenCardioBalance

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/fzji7HEhKnOgP_HaeTOSCuYkX-Rfz4EZdNhUu_YNK7BAEiiIUeTpUPwa0ErxP8nN07UYfsQfD7QKmR3Z3fORkOjlvMf9o6JZeofmexZYm95xuSukChSKFrv6AF_Af2fBu2YSfpZlKonxDyuM0vwchOIy8y4ESOqcK74_TBaUrKl4ncEQK3rokF5kTe45UA3FD-1oSk9hCkGrF3NEJp-asI1gPGPXyNZqe504EAN6XSFeOkexuZe6h_ObUwnM-m-xzVshINFHGNgHoIqUuXpDwoZx1TJNnEuaJOsMupp_9hNjz9YVKl4vRZL_1iC4nDpKa7iX4AURu8xry8SCmHEufHYi-ZU_jN8jRVofHZimyprUGTZDNU-NSSj5o-jiQhGtjwqgA7jlwRVYx29zF42WVtgzOUwsRtyiVIC7eMbIoTEdldf3h-wRfSWC6gl0gMqSGsdWPXEGHOidSJo4Qsnhm0lz42XhwyMlH7jReBJp4d3YNr87pwqj-J5wcbinZSh2YrhAvA?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABBNgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Optometrist Stunned: New Discovery Fixes Your Vision Naturally (Watch)Growth Advice

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/IeiqI0U-1Tr7GAYvwI2Rg77tGPd_QuJ5Waov-LEM-RoUENHBraAKXWhFPy-DqwRTzqbFUS-dcLoAyJjcnz77wXLfQ6MbHVCYGurjy22L25EZv5pExNMy3kFQajtxmyi3X-HVirDF0YFTr4gQV9zrH_sUs5T2XgpdLJ7an7VqJt_qWxSaCNjvyvOpI8AJCAjKRHD7OoQsQnjsGdLFi7I-8xtTqHs5F7OsgoFf4jFu_wG5Ti0jl-aNHIuRdnTWI_YAJh-qgmd5RVroIe-YkZiDBKgRxkjadh8Z1h3PPMfSxLtQTv9oAgpGFdfdd3CVOGCsQN92Vp1qJKJlm4PpCM-mLIvZpqYmFPmcnLOth-OvpsnCX7_nbWcQTm9F_CJLtqJkAMr_UAcNDNA4Zaf-QI2CPLXmPji0nWjaBZIIC-H5tn2m5Wnke9t_4koJ66i4pbl-eOpaPbJamYwPszlZc9kIFOjcrnzRFDSLt1FdPQsbzeUtJgqhB06T_F0Uoy375Q?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABBdgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Doctors Amazed: Do This Immediately if You Have Diabetes (Genius)Growth Advice

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/jeS21XpqqqxZuVNJtEGEl0mBQJBIt869Eq47zsjl0DO-yyIumSNJBW_YAGQjXvyLubJTnkj6dhG23WdKhYcPOWB7iksZfBaoSAq-nUJexxbYf6G4PU2Wgu8Uv1jaetogkXjZohgleE17lmXGnG9xHzub6BkC5PvjcubcsL_IkgnHKKlZpIEqkhvcO_eO1R8cSDU9AhnFwZA5aCUiT-uTv_Me4L5fWhY5vJq0jhMWoZbPz-Z8lDpH-gciH6qBdTOwxWMElQ_0hoiyqQIPVBTYJBdw8_pVFML5qg5mTzzvoybypy4W_NEwb3xUY95cnuDrm70o5-qCavxIdGtVJq2n20u5JOOLw9hmhXO0y0lo9w5C7p3WhSTKbDLVEejQ1xiPXtwSvn4-fgJfRWMI40bWTTl2O-0blANlQyLjIOAmiVhuqiSVWm3qt2vbtN6GCMOjkSr2NQtjQhfhvpax8slaFoSrWMP2U_qnRcLSW4-iGvaPQ07HKb630iLhjA?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABBtgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Tinnitus Discovery Leaves Doctors Speechless (Try Tonight)Growth Advice

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/Vzc2kzJWENE-qYdoxKArMNVSwnNkZxGJP7NudGmHaixvkVRdgq3O2m7UcgUi5GTu17WMvluyQrMY5ehCRW8EZx9lzOO-h7O4VmW0yBqeRhtXIoOq5UwJzWBVPR0qUhMprHln9zI3_CgLnQYi_G7l6UCo_d33pw__UrkMOctu_QOw5M4ZOJE2dH5V99gBWepMEKNicaGEudy3JOWecaj2yTB7_oDpGmPXpo_QG_rSqSwVSwqrgNV71IY3dBpAfEd1hxyZU_af8qFM5VuzNQ-QeCFRQmNzB-l5X4cV629Xgo81Hpnx06mZuCEnBFHxOch9GJtkB68R9ZvUhrkbdLxeUi8dTbIQiBMFkxMV3OKU9O-4qVHtGr9DoxiLhErUK8Soa83tcQ66us-n3WkhUXYEk2Z7mbrS6V8ca1WdWF-UUYvRws-jykQq0JYD3KNIvdVMbejzjX-1CnNkfjEbcJnEzAcNqV20utuAVqW8K1aEG4l1ejXdiyVsSjTg4J23fprqUPu2iq7yfW9qZM754ebtV1KSersA0Lttzd6m8az4?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABB9gBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Remember Her? Try Not to Gasp when You See Her Nowviralsharks.net

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/jInZM-c3yG8L0dUC-An3DInjdSIhvokSyZJM5Ck39S2yzc7y-rMibp9h4_yQpcyVp7kFVy_MD5DyHTfVElvYUPEp9qaV16KFhY8kKBPxKijaZdO8-uoJ9Joa7WAq2678YOzcRqludfThXlI9H5yU1vERqB49BoemQj1f6bo-jhmd2wOVxRi5GWAaZU4s3H71tLdf051nVS48sMZOjXuLqLvRREgHOw8MGbSHnZvTTkOnuKrhvc43S9lOllZfAtTj1Pn0p_G90fW-wbY8ALbnj8OcSsQdCv6Uu1exw_FiqLor5K_LZY07Bom3OAmruM-UKL7XcBwHrY2wVy5JMN98ZCzbG7u8bP6uZSAzKe8uQH0jIK3HCTINmkCObOSYP6JCj1X_LcT3L7Hc48E6SQTw7ol_gkCy7ec98VIjJcisge-qSREJ7Tvj48ivcgWqWZn1lKJaQ6PIlPL3agRrv_P_BzcoiE1dl5MU21hTZNixYoJzwpC_TlRBHZZMDAmQsjT15wUzEr5N64FDG59yUl9Su_EQ?p=GgFDMNG916EGOiQwYjkyNmY0OC00MWVkLTQ4NjMtOGIyZi0xYWIyZWYzZTM2YzZCJDEzOWU4NWMwLTc5NmQtNDQyMC05YTgyLTRiZDZmYWNhZDhiNEoMd2hpdGUtd2Fsa2VyUN3gCVjswg9iCnRuZGVlci5jb21qCWRlc2t0b3BsZ4oBAzF4MZABCNgBso7wAZECuB6F61G4zj-qAgwyMTcuNjQuMTUxLjQ
Title: Diese Diy-methode Entfernt Falten Wie Verrückt (versuchen Sie Es Heute Abend)DermaLab

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2022 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://customers.addonslab.com/marketplace.php
Title: Showcase Filter by AddonsLab

Search URL Search Domain Scan URL

URL: https://xenforo.com/community/resources/xencentral-feedback-system-2.6238/
Title: Feedback System

Search URL Search Domain Scan URL

URL: http://xencentral.com/
Title: XenCentral.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tndeer.com/ HTTP 301
https://tndeer.com/ HTTP 302
https://www.tndeer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/255837/connatix.player.dc.js

Request Chain 124

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tndeer.com%2F&domain=www.tndeer.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=j-uMXXxqb2dVVVFZblFUUDFJalZDNVBiemRFNWxsZkI1WHVXeWYxZ2dwQklvUW91cVFhNmhnc2Q1MFhqcnlrbGRiMEE0TFJUNlE5bkEvTUp4dkpoclpianJHak1CUGtFazlxM1RZY2FQengzNHdQT25QKzFlU0pMSENhWE5KdUE0cVp2VnM2N2FOYzltekxPSGV2WHBpVFZKV3B1TXZGaTVjdTR2Q0hGUTRocDhRNC8zSEFub25VWlRPTVluV2VKZnhhbU9wSERJQzVWREhjSi92blJZbFpRc252eWlmbFNPeFh2bkhCZXJnZjlOWkF4Y016MVkzdXB4L3hBd3VUNDkwZ2hHfA&cppv=2

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 315

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1&google_push=Aer7DvJBgfXYzBauYClQkXppJl--hL3I4Cciw08tsdIcUTt7cmUZgb3uogqWZ4dYt5TIuLZhDbHNNTnl-Bz1xCusWHa7HnBniGKhAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI2NzU0NDUxMTY2NzA4NjI4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1

Request Chain 317

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 318

https://um.simpli.fi/gp_match?google_gid=CAESEEb8Xm19BJ5CpcAclOr8yIg&google_cver=1&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT-yuLrfDGGR8k_gag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35A5F0D751B04D7383A4B1479292D0ED&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT-yuLrfDGGR8k_gag

Request Chain 321

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5ZR9mRZj-4mJxLaodHqJs&google_cver=1&google_push=Aer7DvLFoOSBK7tHW63MdkSAjW_39iFTxF1BwcfVKf5mz0TDNJMMcVPeb_Kf_10skiKGLPH7zm5PtFZH97ksGVzgFYuA56plU6A_H_M HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5ZR9mRZj-4mJxLaodHqJs&google_cver=1&google_push=Aer7DvLFoOSBK7tHW63MdkSAjW_39iFTxF1BwcfVKf5mz0TDNJMMcVPeb_Kf_10skiKGLPH7zm5PtFZH97ksGVzgFYuA56plU6A_H_M&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=coJxk66DSJS404jhhZ3KHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLFoOSBK7tHW63MdkSAjW_39iFTxF1BwcfVKf5mz0TDNJMMcVPeb_Kf_10skiKGLPH7zm5PtFZH97ksGVzgFYuA56plU6A_H_M

Request Chain 323

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1&google_push=Aer7DvIn0lSFTaUzE7VkqAa45OynFBxw1WlpmypzaTrs0ebil1Xwz6ViDHhnROWv22YCj2TLMCr9WYWRItNtI8gf4-b5wIhXdR8nSBk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5NTQ4NjkxNzYyOTE1ODM1MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1

Request Chain 325

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfKqwdmr2GvF92HADlPJ2_u6p8qU6APOsdixeqHj4hm4a7wKPxbdOsS6Poo HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfKqwdmr2GvF92HADlPJ2_u6p8qU6APOsdixeqHj4hm4a7wKPxbdOsS6Poo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUZ6V1VrV0IxUE1tc0c1&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfKqwdmr2GvF92HADlPJ2_u6p8qU6APOsdixeqHj4hm4a7wKPxbdOsS6Poo

Request Chain 326

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI1LTwVYvNY3S38L5R1zwvM&google_cver=1&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pWcYayKv8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pWcYayKv8A&google_hm=eS1EdFR3Nno5RTJwR1dwV0t2dGpRR1BiR09CZTlrUnpCVX5B

Request Chain 327

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEADH2SoLjLXWAHzYzUoxmsU&google_cver=1&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNcty3iztEpkzW-awsBxJeBa08 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEADH2SoLjLXWAHzYzUoxmsU&google_cver=1&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNcty3iztEpkzW-awsBxJeBa08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU1MTE1OTA1ODcwMTAzMjcyOQ&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNcty3iztEpkzW-awsBxJeBa08

Request Chain 328

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5ZR9mRZj-4mJxLaodHqJs&google_cver=1&google_push=Aer7DvIkOvfb3HQv66CCXlhETLS-AvB1NkmACRDysPEvoeAov94lXt3mvJDuBXKxC2uWtaaCr62DmzLk5J9lI6kwoYNT3p6LCL3GdII HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL5ZR9mRZj-4mJxLaodHqJs&google_cver=1&google_push=Aer7DvIkOvfb3HQv66CCXlhETLS-AvB1NkmACRDysPEvoeAov94lXt3mvJDuBXKxC2uWtaaCr62DmzLk5J9lI6kwoYNT3p6LCL3GdII&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iz3nwDPRk-B7f-TwruZ9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIkOvfb3HQv66CCXlhETLS-AvB1NkmACRDysPEvoeAov94lXt3mvJDuBXKxC2uWtaaCr62DmzLk5J9lI6kwoYNT3p6LCL3GdII

Request Chain 329

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEzmMysMo77uya-PO3PWAeI&google_cver=1&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F244DOu2N4XPbDNul6nJqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F244DOu2N4XPbDNul6nJqE

330 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tndeer.com/
Redirect Chain

http://tndeer.com/
https://tndeer.com/
https://www.tndeer.com/

119 KB
20 KB

241ms
203ms

Document
text/html

2606:4700:20::ac43:47e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

c195726e1fec34952dc003005120f6293ba0ff5fa19bcd222979d0a19571a586

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0,s-maxage=300
cf-cache-status: EXPIRED
cf-ray: 7b66a83318349046-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Tue, 11 Apr 2023 22:32:27 GMT
last-modified: Tue, 11 Apr 2023 22:27:27 GMT
link: </styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1679198059>; rel=preload; as=font; crossorigin=anonymous
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-powered-by: centminmod
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 7b66a8320f479046-FRA
content-type: text/html
date: Tue, 11 Apr 2023 22:27:27 GMT
location: https://www.tndeer.com/
server: cloudflare
vary: Accept-Encoding
x-powered-by: centminmod

GET
H2 200 fa-regular-400-min.woff2
www.tndeer.com/styles/fonts/fa/ 14 KB
14 KB 137ms
134ms Font
font/woff2 2606:4700:20::ac43:47e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1679198059
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 0bac40fcd98ec7521c58477c9142f220b5158d6635f616d37a7aca28e92b1c10

Request headers

Referer: https://www.tndeer.com/
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2023 03:54:24 GMT
server: cloudflare
etag: "64168770-37ac"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b66a83479319046-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14252
expires: Mon, 18 Mar 2024 03:54:30 GMT

GET
H2 200 css.php
www.tndeer.com/ 243 KB
38 KB 152ms
151ms Stylesheet
text/css 2606:4700:20::ac43:47e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1680287318&k=ca6964a7eb755900fcab87efc60a07b5edb3f6e9

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

797b78dfbffb56adfd5bdffee12f82a7eff5921364d37926a1853ba2a4288dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=249023
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 31 Mar 2023 18:28:38 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7b66a83479329046-FRA
expires: Sat, 30 Mar 2024 18:28:42 GMT

GET
H2 200 css.php
www.tndeer.com/ 15 KB
3 KB 141ms
139ms Stylesheet
text/css 2606:4700:20::ac43:47e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3AsvESE_autocomplete.less%2Cpublic%3Aextra.less&s=2&l=1&d=1680287318&k=5247f101fd02193b20489d8a31b87d43a1e1e19b

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:47e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

93b8a85a40226b629c5190b22df697fac10a833a0d29d11d483ded82de0e1ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=15726
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 31 Mar 2023 18:28:38 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7b66a83479349046-FRA
expires: Sat, 30 Mar 2024 18:32:04 GMT

GET
H2 200 preamble.min.js Show response
www.tndeer.com/js/xf/ 3 KB
2 KB 134ms
132ms Script
application/javascript 2606:4700:20::ac43:47e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/xf/preamble.min.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:49:12 GMT
server: cloudflare
etag: W/"63920778-d33"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a83479379046-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90928980-1

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

115e253629c13deb372405b292cfd71e59adc06d2e7aad54151d5ccf2f0f8626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 61715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Apr 2023 22:27:28 GMT

GET
H2 200 rules.js Show response
cdn.adligature.com/tndeer.com/prod/ 24 KB
5 KB 155ms
119ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/tndeer.com/prod/rules.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0437392c827a17dc796745bb7bb042a334dcbade3f880edb446d751e3d3f66f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=42136
x-guploader-uploadid: ADPycduQPUoA_17JzxUfySvXNivNaxgYhifT_lvyArrwtIpQX36uHRbbGkHixb00VUKO9gcBXcKwNYDBFKUDm1vrJYUdTw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Feb 2023 14:25:11 GMT
server: cloudflare
etag: W/"26877c64dd05bc46e44a8a1e2be27297"
vary: Accept-Encoding
x-goog-generation: 1675261511128463
content-type: application/javascript
x-goog-hash: crc32c=NepBGw==, md5=Jod8ZN0FvEbkSooeK+Jylw==
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oeDe5yFL04o90LtY65xVGA03NXc863S66lk9MVVk7wTs3LlygQgI%2FuZMdzJSOcV6twstD1Ggga4R9Q4JcgvBdEts8D%2FGJd9wf20JFYtzv0aTm%2BFvvDtuhf%2Be3h%2Bxj4B3HUbJSOton776wbug%2BL7lls%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 42136
cf-ray: 7b66a834ad013804-FRA
expires: Tue, 11 Apr 2023 22:37:28 GMT

GET
H3 200 logo.png
www.tndeer.com/styles/ 13 KB
14 KB 127ms
125ms Image
image/png 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tndeer.com/styles/logo.png
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: f2366f3afcfda94397a63e60c2372b3bc7ca5bb2cf94c26e8b6a266fd47f3a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
cf-cache-status: HIT
cf-polished: status=not_needed
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13755
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Oct 2020 11:58:44 GMT
server: cloudflare
etag: "5f9416f4-35bb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7b66a8358c623a61-FRA
expires: Fri, 28 Apr 2023 21:04:40 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
559 B 37ms
7ms Image
image/gif 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 57a76f7c3a2e4
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10078-SJC, cache-fra-eddf8230066-FRA
traceparent: 00-000000000000000000057a76f7c3a2e4-250be50741178b6d-01
x-timer: S1681252048.273107,VS0,VE0
etag: "EMKH4Lmcv0jpPecX1lsuI9JDUC4i6ZE+vkcq+Tq/75s"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 5, 3092

GET
H3 200 jquery-3.5.1.min.js Show response
www.tndeer.com/js/vendor/jquery/ 87 KB
31 KB 171ms
171ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 18:51:00 GMT
server: cloudflare
etag: W/"63470c94-15d84"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a8356c3f3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:39 GMT

GET
H3 200 vendor-compiled.js Show response
www.tndeer.com/js/vendor/ 43 KB
13 KB 156ms
156ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/vendor/vendor-compiled.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 18:51:05 GMT
server: cloudflare
etag: W/"63470c99-aab8"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a8357c453a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:39 GMT

GET
H3 200 core-compiled.js Show response
www.tndeer.com/js/xf/ 209 KB
60 KB 169ms
168ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/xf/core-compiled.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 15:49:12 GMT
server: cloudflare
etag: W/"63920778-3439d"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a8358c583a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:39 GMT

GET
H3 200 structure.min.js Show response
www.tndeer.com/js/sv/ese/xf/ 12 KB
4 KB 134ms
132ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/sv/ese/xf/structure.min.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 563d12141db74e1f0b132d31b435b45a9f11ea127d1ad7468cf926353e1d5cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 18:28:25 GMT
server: cloudflare
etag: W/"64272649-31e9"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a8358c5d3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:43 GMT

GET
H3 200 campaign.min.js Show response
www.tndeer.com/js/Truonglv/Sendy/ 2 KB
1003 B 134ms
132ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/Truonglv/Sendy/campaign.min.js?_v=ba4f7f97
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: efbf880354b4a5d269e537e95eaac5f228c4692ec65052ade9988f3b7e4d379c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2023 03:52:29 GMT
server: cloudflare
etag: W/"641686fd-60e"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 7b66a8358c5f3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 30 Apr 2023 18:28:42 GMT

GET
H2 200 advally-5.6.0.js Show response
cdn.adligature.com/rules.js/ 109 KB
29 KB 17ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/rules.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5392
cf-polished: origSize=178816
x-guploader-uploadid: ADPycduJyxDIMrtKMjO2VQT8BCPXsYaTKVQ1e3D9qXBi23IU0Nj7Jj-jmrNipv4NAa30uQ9kMHt8WIDy76j9QLsoaEzLsA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 14 Dec 2022 18:36:31 GMT
server: cloudflare
etag: W/"93d406c6937e7a8018d85789ad1193d5"
vary: Accept-Encoding
x-goog-generation: 1671042991645353
content-type: application/javascript
x-goog-hash: crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FuUwqNt4AuL%2B5BEF7bJPcr1qz7E2fGZeQ5dQCX2k8DfsG1VfMQFpX4bqK30H7f5ch%2Fa1LGyTtgLROxI%2Fo4d8K7AdXAND788aZfwdgLLbYRFHEsF4iXT%2FS%2B31JrONReAslPNfGcwL6DIXxkPUWJ7uso%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 178816
cf-ray: 7b66a8358dcc3804-FRA
expires: Tue, 11 Apr 2023 22:22:13 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496070d4e9503642b0ec489d7b00d6d0f1680d0fad5b6d0cdafaa482ab1a706e

Request headers

Referer
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK 20594.jpg
data.www.tndeer.com/avatars/s/20/ 1 KB
2 KB 351ms
308ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/20/20594.jpg?1603834723
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53ff29e4f891fa5d328d916f1e584837251dcd84b2aa97dc6aec0d0f6f713f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:56:49 GMT
Server: cloudflare
ETag: "168f452c758fa68a801b470743f5bd17"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a836390e30e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1381

GET
H/1.1 200
OK 7419.jpg
data.www.tndeer.com/avatars/s/7/ 1 KB
1 KB 350ms
308ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/7/7419.jpg?1603834067
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef25e46cf5c858d8c1b4f30f77000ca3c824eebed4382cb9ba2d5555dd2647d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:56:28 GMT
Server: cloudflare
ETag: "9bff853328274c3ab5027faaa67d9d27"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8363cb42c52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1079

GET
H/1.1 200
OK 21158.jpg
data.www.tndeer.com/avatars/s/21/ 1 KB
2 KB 348ms
305ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/21/21158.jpg?1680204730
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f46ea49987082d9560b53056fc1334c68fe31fc6fd5050ef87d526b618a7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 30 Mar 2023 19:32:12 GMT
Server: cloudflare
ETag: "891a220216e07cb65c3eecd925347f7b"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83638fc9268-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1483

GET
H/1.1 200
OK 10346.jpg
data.www.tndeer.com/avatars/s/10/ 1 KB
2 KB 656ms
308ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/10/10346.jpg?1603834229
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b964e6016328cace3d4d17dba1a6920f1fcdb95278f89d5200686c0fd9b3cce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:10 GMT
Server: cloudflare
ETag: "691f8832a38b87b215c5a4fe0e9c21e5"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8381a649268-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1298

GET
H/1.1 200
OK 2648.jpg
data.www.tndeer.com/avatars/s/2/ 1 KB
2 KB 366ms
16ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/2/2648.jpg?1603833670
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00021dd157ca3c9d0b89394313d3c248749b555772b3b0e52e4b23546657792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: HIT
Age: 31057
Cf-Polished: status=not_needed
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1529
Cf-Bgj: imgq:100,h2pri
Last-Modified: Sun, 29 Jan 2023 16:57:58 GMT
Server: cloudflare
ETag: "7b1dfcbee37a7f624ddb692b5090aa4b"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7b66a8381eb82c52-FRA

GET
H/1.1 200
OK 2474.jpg
data.www.tndeer.com/avatars/s/2/ 2 KB
2 KB 756ms
405ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/2/2474.jpg?1629895801
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4b00dd786b6b04cb6d58982b5988e0b420661c4397a6c47202c4f445735dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:55 GMT
Server: cloudflare
ETag: "b0eba1f9cc467d2ef2c058e010da0dde"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8381b7430e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1592

GET
H/1.1 200
OK 16465.jpg
data.www.tndeer.com/avatars/s/16/ 2 KB
2 KB 344ms
315ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/16/16465.jpg?1608297438
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3a5247c27c9025fb8e2c12b2cd77255c02822a26fa26a90c7ffafa22082a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:56 GMT
Server: cloudflare
ETag: "11d8a929bea9b4461fd58e05b46c7002"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83629c9085d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1841

GET
H/1.1 200
OK 10067.jpg
data.www.tndeer.com/avatars/s/10/ 2 KB
2 KB 1072ms
739ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/10/10067.jpg?1603834222
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082a2cf52565b28d349a27dc85e1861a31bbe2941b8b9bda324328f81893504e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:06 GMT
Server: cloudflare
ETag: "6528b71dcbb34037dab5dd2301350a99"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83a2a06921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1896

GET
H/1.1 200
OK 9937.jpg
data.www.tndeer.com/avatars/s/9/ 1 KB
2 KB 623ms
313ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/9/9937.jpg?1660534277
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c82f2aaa49e931b60ce69392e662d200ea6e24eacdea2bb2ae6f5eb96e1151f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:39 GMT
Server: cloudflare
ETag: "210300de40594f1e01af26cb232516d0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83a0bdf9268-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1306

GET
H/1.1 200
OK 10762.jpg
data.www.tndeer.com/avatars/s/10/ 1 KB
2 KB 629ms
305ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/10/10762.jpg?1608307092
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7025af237e4fbfbe30c03acf573b1ba1bf333b92432815563a7f9bb86edb84d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:11 GMT
Server: cloudflare
ETag: "764a1e275b1debd5af6660b8b8e4f54e"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83a1cb5085d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1141

GET
H/1.1 200
OK 14197.jpg
data.www.tndeer.com/avatars/s/14/ 1 KB
2 KB 624ms
293ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/14/14197.jpg?1603834340
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec3104b3bb00345e3b121a9f33f4bd0f9d8494dbf41302b2584dab9c6a71540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:55:30 GMT
Server: cloudflare
ETag: "b51d11c5fe81246c8c253025cd231d76"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83a2e86362d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1483

GET
H/1.1 200
OK 3026.jpg
data.www.tndeer.com/avatars/s/3/ 2 KB
2 KB 396ms
377ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/3/3026.jpg?1630073974
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3502871ebebf767e2dd0ff47d71900de44c714070e83de2032bfb4d8fe2a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:31 GMT
Server: cloudflare
ETag: "d982fdd63d96855825f6770d06c8ff3c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8383ed82c52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1628

GET
H/1.1 200
OK 21132.jpg
data.www.tndeer.com/avatars/s/21/ 2 KB
2 KB 332ms
323ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/21/21132.jpg?1608889469
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c6333aafc87008cebf7f79b09ecdccd506a6bb3a59f59f743171bbbbfa0fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:18 GMT
Server: cloudflare
ETag: "0e76747ffe255667d3be287d374ec4bf"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8382886921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1948

GET
H/1.1 200
OK 5758.jpg
data.www.tndeer.com/avatars/s/5/ 1 KB
2 KB 322ms
314ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/5/5758.jpg?1603833928
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fbbb674b9b7ca70ef66cbcf6b67a0a9b500d41220f8128ff73982e70207e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:47 GMT
Server: cloudflare
ETag: "eef217aca37fb0a217c60844297a8d24"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8382b69085d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1271

GET
H/1.1 200
OK 21555.jpg
data.www.tndeer.com/avatars/s/21/ 1 KB
2 KB 669ms
640ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/21/21555.jpg?1656184979
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 904af0bdf4b9b3255993bd2225ac18c8bf2bc602483f1fbf8867c126e39b016d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:30 GMT
Server: cloudflare
ETag: "527b2781405fa7123c30dad0a2678409"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8362a33362d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1395

GET
H/1.1 200
OK 9834.jpg
data.www.tndeer.com/avatars/s/9/ 1 KB
2 KB 815ms
418ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/9/9834.jpg?1605972400
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650d02db02cd5eefd381c4531ebfb416034ab56a6588d2b2a607a51d17c16db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:33 GMT
Server: cloudflare
ETag: "ed18c752a4149ef1a88d8b7d3f2231da"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83a99832c52-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1137

GET
H/1.1 200
OK 5534.jpg
data.www.tndeer.com/avatars/s/5/ 2 KB
2 KB 711ms
302ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/5/5534.jpg?1676147444
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13d25399949d8d43d6a4103d3e445aca9d120ad9f401788ac6a8aac92abf2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 11 Feb 2023 20:30:49 GMT
Server: cloudflare
ETag: "88c26cff001e3fc3dbed681cf756b544"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a83aae4630e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1654

GET
H/1.1 200
OK 23580.jpg
data.www.tndeer.com/avatars/s/23/ 2 KB
2 KB 344ms
314ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/23/23580.jpg?1677169122
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de6cedd3c6f0abcd4d9335d96fdd8d6d36c843139dd2662fd0e9cf23272ce65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:28 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Feb 2023 16:18:47 GMT
Server: cloudflare
ETag: "8f456f4b5e364bbb8c38084f01c73d08"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7b66a8362ee2921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1742

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 53 B
208 B 47ms
9ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 493fcd04dc5b6aa93647eb988ea0eedc3f590a9e65df25cab2e5f9331e092eee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 11 Apr 2023 22:27:28 GMT
Content-Length: 53
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 103ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55035c8e1bf91b46dbaa3e38e88b196fc198dbf0ba6ad73dda3d8ffad5ae2c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25601
x-xss-protection: 0
server: cafe
etag: 499 / 19458 / 31073608 / config-hash: 11483479642786645906
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:28 GMT

GET
H3 200 prebid-7.25.0.js Show response
cdn.adligature.com/tndeer.com/prod/ 282 KB
88 KB 135ms
135ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.25.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16714166f6d7b0e7cfdac37586ac4700eac402f2f3baefcc8e2b724edce52d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=289691
x-guploader-uploadid: ADPycdu8JUJdfKoi9rfwAKBM5M69ZqAE3d09hZjnmYtAyGrGhlrPJgVUeyoqNEdZJkV-XakgtGX3-JExIWinv54oeVtg6fDOIkFU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Feb 2023 14:25:09 GMT
server: cloudflare
etag: W/"37b69b36412c03605983e6274ce86676"
vary: Accept-Encoding
x-goog-generation: 1675261509095206
content-type: application/javascript
x-goog-hash: crc32c=eA9/rw==, md5=N7abNkEsA2BZg+YnTOhmdg==
cache-control: public, max-age=900, s-maxage=300, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7uyFNXRo3WzNJojhr%2BvaDot%2F%2BjIyCApgDrX1jP4AWRtuy5B2t7mXooM%2Fc0z9IfoI8tvybQrnsOGuTz%2BrMdh7NM5k9FYfX2bAa5tToTsdakqTe%2Bigk5VNzuSkomu25VfgkaX2sI%2BNZrcsu4pfbSEaek%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 289691
cf-ray: 7b66a8361c7f3aa3-FRA
expires: Tue, 11 Apr 2023 22:32:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90928980-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b8a10b9346fd2cde25b5c9f74777e5ff5ccc9b38a220dbdff92a168a801a768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Apr 2023 22:27:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90928980-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 22:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1339
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 12 Apr 2023 00:05:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=650044848&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tndeer.com%2F&ul=en-us&de=UTF-8&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2090875815&gjid=668553211&cid=2134955441.1681252048&tid=UA-90928980-1&_gid=28373760.1681252048&_r=1&gtm=457e34a0&jsscut=1&z=1136543516

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBRKLEJKHZ&gtm=45je34a0&_p=650044848&cid=2134955441.1681252048&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1681252048&sct=1&seg=0&dl=https%3A%2F%2Fwww.tndeer.com%2F&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-90928980-1&cid=2134955441.1681252048&jid=2090875815&gjid=668553211&_gid=28373760.1681252048&_u=YEBAAUAAAAAAACAAI~&z=343543966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Apr 2023 22:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/ 396 KB
123 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44d21155299f7586529228bfb9bef99d121ad611a2c9496aa544f0ed1370f4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 19:56:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9076
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125536
x-xss-protection: 0
server: cafe
etag: 10528700666617946181
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 10 Apr 2024 19:56:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 169 B
136 B 57ms
41ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tndeer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f290ca7d6fcd4d6573cf36f2bd2c9d8136cb56d1f6274ba9a44b44ab2f8d59dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:28 GMT

GET
H2 200 embed.js Show response
cdn.convertbox.com/convertbox/js/ 3 KB
2 KB 75ms
12ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com/convertbox/js/embed.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: a0e1c37da098045303af8bdaa18a04274fd47637c5bc20da46f8b8b48a8b72bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
cdn-edgestorageid: 864
cdn-cachedat: 02/05/2023 21:16:43
cdn-pullzone: 53020
last-modified: Thu, 05 Jan 2023 21:00:06 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63b73a56-bff"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: f04cbc0d2522e83fc035aaf6dcc256e1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 invisible.js Show response
www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame C31F 26 KB
13 KB 14ms
13ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681243200
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b5ae0b28fc233065c3c3172e62dad39866d945081f110b32f953a07d11dbfda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b66a8370e1c3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fa-brands-400-min.woff2
www.tndeer.com/styles/fonts/fa/ 3 KB
3 KB 127ms
127ms Font
font/woff2 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/styles/fonts/fa/fa-brands-400-min.woff2?_v=5.15.3.1679198059
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1680287318&k=ca6964a7eb755900fcab87efc60a07b5edb3f6e9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: fcd835c1d21100d3af3cc7a0eb2a66e5b4b33b571b17f8856b2197cd85def3ef

Request headers

Referer: https://www.tndeer.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1680287318&k=ca6964a7eb755900fcab87efc60a07b5edb3f6e9
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2023 03:54:20 GMT
server: cloudflare
etag: "6416876c-c00"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7b66a8370e1e3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3072
expires: Mon, 18 Mar 2024 03:54:30 GMT

POST
H3 403 keep-alive Show response
www.tndeer.com/login/ 5 KB
2 KB 22ms
21ms XHR
text/html 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/login/keep-alive

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=ba4f7f97

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a49077bf1dacb1fa6ffc4357abcc3c681e16f6f3253927bd6c566ea5c2a8815

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tndeer.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b66a8370e2d3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/255837/ Frame 9C19
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/255837/connatix.player.dc.js

1021 KB
263 KB

53ms
27ms

Script
application/javascript

172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/255837/connatix.player.dc.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a31995c7ac671e2812d5ec2a695d5cdf3a637338d0e374a8b31568ffc5c983c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
x-amz-version-id: bxE62dOj0YSbM1DE9rfaU3t68T2WUxuG
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Apr 2023 11:00:37 GMT
server: cloudflare
etag: W/"13fc7a1fa553df7d4e93e574ec58cd4c"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7b66a83959ac3a70-FRA
access-control-allow-headers: range
expires: Wed, 10 Apr 2024 22:27:28 GMT

Redirect headers

date: Tue, 11 Apr 2023 22:27:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/255837/connatix.player.dc.js
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7b66a83848793a70-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 160 KB
51 KB 82ms
20ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 545fbacd3b5e548f9b58d7e975eb6863c07ee13515dc13181a5e295ecd6d86c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 15:07:42 GMT
server: AmazonS3
x-amz-request-id: J974EJZGHSK4D4VT
etag: "9e8e7f6821da6a197bc252cf35c08387"
x-amz-server-side-encryption: AES256
x-hw: 1681252048.cds282.lo4.hn,1681252048.cds072.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51481
x-amz-id-2: WG/D3iTGkjPhqkk+XBcJYF1hCJ1UKoGZi399+NS9zZYQT09zqP91O4q2484G3efisrKI3UaSePU=

GET
H2 200 op.js Show response
tagan.adlightning.com/advally-dildymedia/ 45 KB
18 KB 52ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.6.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42fce8b8b4d2fb7383db4c88e1aa65f0f05a9cdb1b6352c811149dc8ed342c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: lGNKQquY1ik0FP_9Kkm_cU2JrTOguKuX
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
date: Tue, 11 Apr 2023 22:27:28 GMT
x-amz-cf-pop: FRA60-P4
age: 718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18111
x-amz-meta-git_commit: 89d2da9
last-modified: Tue, 11 Apr 2023 15:41:29 GMT
server: AmazonS3
etag: "d2d343813cfc55311b2d0ae4a6a98fd7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: HKzz5iY77dDSwsWcQWevVsYMFMvSojchRAk7WlZRDl_sXQBZDbsxmg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=650044848&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tndeer.com%2F&ul=en-us&de=UTF-8&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=614234891&gjid=926108386&cid=2134955441.1681252048&tid=UA-105997136-2&_gid=28373760.1681252048&_r=1&_slc=1&z=620255601

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=650044848&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tndeer.com%2F&ul=en-us&de=UTF-8&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=994233533&gjid=520371506&cid=2134955441.1681252048&tid=UA-197326395-20&_gid=28373760.1681252048&_r=1&_slc=1&z=756227565

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

78904ef29cb7588da244ae80a1116a5376037ba21a5c1bd75f54f352a9679c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 42ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tndeer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 49ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tndeer.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 472ms
472ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CBottom_adhesion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=1962000390&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048746&lmt=1681252047&dlt=1681252048067&idt=527&adxs=436&adys=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfd65503a8174075a443229de42b85fb5e0947045209d0835885c59bd659fafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9926
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321847
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1796ms
1796ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CTop_Leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=241676502&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048784&lmt=1681252047&dlt=1681252048067&idt=527&adxs=862&adys=7&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=728x90&msz=728x-1&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad579a22f6baedb49107f0d0ce2e9b135f8639e89fcaefdbe35121e581c6e639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 331ms
331ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=7580803&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048786&lmt=1681252047&dlt=1681252048067&idt=527&adxs=276&adys=1261&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=1220x125&msz=728x-1&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b7e64ca3c3160d6de399420225047b2dd70571cffdf23fb727b1049c7c26e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9792
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321850
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 734ms
734ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=2164342767&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048789&lmt=1681252047&dlt=1681252048067&idt=527&adxs=276&adys=1752&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=1220x125&msz=728x-1&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efe0d7f948a9af96f7b27631811066594ae91c8bc42ad2e7e24239a1524d7ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9771
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321223
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1209ms
1209ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=979018163&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048792&lmt=1681252047&dlt=1681252048067&idt=527&adxs=276&adys=2378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=1220x125&msz=728x-1&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2673204b01725c3f1efd0e28f0019288c0aba1d0aa6bf7484a1ef643747dffe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9806
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321826
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 981ms
981ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=2889762482&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048794&lmt=1681252047&dlt=1681252048067&idt=527&adxs=276&adys=3146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=1220x125&msz=728x-1&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eead50f4fbf404a1300618669c44a960ccb0801eeb2a261eee3aaed7a5d6700b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9791
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321829
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 1390ms
1390ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CSidebar_TOP_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=7&adks=2734032360&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048795&lmt=1681252047&dlt=1681252048067&idt=527&adxs=1260&adys=258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=310x0&msz=310x0&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad97ec0a60356171ca41970ac74d95c9f68f5f74c260db0e2490bd5195bbb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11255
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1588ms
1588ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4285731552635175&correlator=3479191922448197&eid=31072019%2C31073608&output=ldjh&gdfp_req=1&vrg=202304040101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CSidebar_Bottom_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=8&adks=3275158994&sfv=1-0-40&prev_scp=rand_key%3D4&eri=1&cust_params=refid%3D2&sc=1&cookie_enabled=1&abxe=1&dt=1681252048798&lmt=1681252047&dlt=1681252048067&idt=527&adxs=1260&adys=1324&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tndeer.com%2F&frm=20&vis=1&psz=310x1&msz=310x0&fws=4&ohw=1600&ga_vid=2134955441.1681252048&ga_sid=1681252049&ga_hid=650044848&ga_fc=true&ga_cid=28373760.1681252048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

784a151d62ab9bcdb51c09af52a256e8a922d7a9119f5932e12f1e00fa986bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9812
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321886
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2906 6 KB
3 KB 51ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK user Show response
app.convertbox.com/embed/ 0
367 B 454ms
116ms XHR
text/html 44.208.38.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/user?uuid=813db06c-812a-42f2-9ef5-7466214859c1

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.208.38.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-38-30.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 20
X-XSS-Protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 20ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-105997136-2&cid=2134955441.1681252048&jid=614234891&gjid=926108386&_gid=28373760.1681252048&_u=aEDAAUABAAAAACAAI~&z=1701567981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 11 Apr 2023 22:27:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4QF84DQQBY&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fd797e52f79e66e8a6ae6b1d23731acd0f7b5f9ba3db95a7425cb7f56cd150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72727
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Apr 2023 22:27:28 GMT

GET
H3 200 pica.js
www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame C31F 7 KB
4 KB 13ms
12ms Other
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55a976dd0766abb7dbc725d97cf1d83cd67dd5b776676612293bd53d9a2d01d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7b66a83938f03a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 210 KB
65 KB 51ms
7ms Script
application/javascript 2.19.228.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-228-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:28 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=70718
accept-ranges: bytes
content-length: 65523
expires: Wed, 12 Apr 2023 18:06:06 GMT

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ 78 KB
29 KB 8ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97604
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ak3q-10UeGx4YcGNsaHg1f6Qf7jS4N3hGvdqmDXuh-x6tvmWt4IJeg==

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ 37 KB
16 KB 13ms
13ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22840
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vs0ArJOGk15nSc0V7_3sqwuTV7Y8Vb4TKlvDYQuuOv0xhyu0_jidKg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4QF84DQQBY&gtm=45je34a0&_p=650044848&cid=2134955441.1681252048&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&sid=1681252048&sct=1&seg=0&dl=https%3A%2F%2Fwww.tndeer.com%2F&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4QF84DQQBY&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/demand/ 52 B
394 B 170ms
49ms Fetch
text/html 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=254316

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Tue, 11 Apr 2023 22:27:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
Content-Type: text/html; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 52

GET sync
trends.revcontent.com/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 79ms
55ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304040101/pubads_impl.js?cb=31073608

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db09b1103233c04ec8abbc8d2bd73071970eaf7477aac770972ac6199f86f7a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11292
x-xss-protection: 0

POST
H3 200 7b66a83318349046 Show response
www.tndeer.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame C31F 2 B
389 B 23ms
23ms XHR
text/plain 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/cdn-cgi/challenge-platform/h/b/cv/result/7b66a83318349046
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1681243200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7b66a83e1e5b3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A50 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0B3 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK mix-manifest.json Show response
app.convertbox.com/ 4 KB
1 KB 103ms
103ms XHR
application/json 44.208.38.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertbox.com/mix-manifest.json?1681252050
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.208.38.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-38-30.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d075b5c2f75d7e22200ad7d24dff1039f6e7497160a5de2443bf0086398271fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Apr 2023 23:55:26 GMT
Server: nginx/1.20.0
ETag: W/"642a15ee-f99"
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1014

POST
H/1.1 204
No Content api-errors
yeet.revcontent.com/yeet/events/ 0
0 50ms
49ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Tue, 11 Apr 2023 22:27:29 GMT
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 167ms
49ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 11 Apr 2023 22:27:29 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DD3 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D643 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:29 GMT

GET
H/1.1 200
OK / Show response
trends.revcontent.com/api/delivery/ 19 KB
10 KB 126ms
126ms Fetch
application/json 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=254316&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.tndeer.com%2F&icr_url=&va=0&user_uuid=undefined&time=1681252049866&up=pc&bn=chrome&bv=111&widget_width=1220&style_id=0&idhub[pubcid]=2f82a092-e2fc-4551-8062-2fdc72b2f383&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

bb6b832663d2a15ee66acc81f3c5e6e7103d47c9c2ab4e7545961b66dee32a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-RC-Region: eu-west-1c
Date: Tue, 11 Apr 2023 22:27:29 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
vary: Origin
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 3A50 37 KB
16 KB 11ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wx9hyBOxEytCyqimwXCyGBg2MbSEAerqgNMgdbP1p6mQU63_vRAMqA==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 3A50 78 KB
29 KB 11ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: P3ljI0jyJFEvNl6r5tiAOCW_mgM81bT6tw1iGcMZuDmYk-FVp620EA==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3A50 24 KB
7 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3A50 137 KB
47 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bb37ba328d5c79a4c56e52abae3c4decf65c6f6e775702d2ba71632f9522bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47837
x-xss-protection: 0
server: cafe
etag: 8743128455054872564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A50 159 KB
49 KB 65ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:29 GMT

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C0B3 37 KB
16 KB 8ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -g6IRf1Rpa3nKjMilLCF7-nUz9RYvlxFPzITSKL1s4j9mS-pJfJtgA==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C0B3 78 KB
29 KB 9ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Kz5qCbQoU-6fm9ANGVQW7vHOkVc1ntLT9c0ievmtHQpS2A7-LuJacQ==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C0B3 24 KB
6 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C0B3 137 KB
47 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

141cdf9bbf78ce29430490c73be6fc73761545f8ca3a44b1bc85a0a6fa94c28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47830
x-xss-protection: 0
server: cafe
etag: 10977922398138485120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0B3 159 KB
49 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:29 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
646 B 67ms
18ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Apr 2023 22:27:29 GMT
age: 60798
detected-user-agent: Chrome/111.0.0
useragent_normaliser: chrome/111.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Sun, 05 Mar 2023 16:54:09 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/111.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 1DD3 37 KB
16 KB 11ms
6ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lihtt3Jp-fUW69o4T1j8fFBka068qU6vTL5I9rON3G3L_CYp3yuKXg==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 1DD3 78 KB
29 KB 11ms
7ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ve1fNTn6w18neHUDvFbVgc9f-S1441hmwNH38bOY7Z64IMxiprqNKA==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1DD3 24 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1DD3 137 KB
47 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d95b2ed132235820ff25361f187e4b76ba46889c15b329fad73678cd044e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47831
x-xss-protection: 0
server: cafe
etag: 10066921714308022515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DD3 159 KB
49 KB 54ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:29 GMT

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame D643 37 KB
16 KB 12ms
9ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22841
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0h1n_GUqimCzayI6zJlP2zhqXNwL0nruWLufvmwZgrkQ_jnwvnSgUg==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame D643 78 KB
29 KB 11ms
10ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pxpK6e7mStM9s3eIqu0PrUrcR6GqaBHdCZ_MuYOCmqBbf3NKIVRqcg==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D643 24 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D643 137 KB
47 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

745e6a96c11470ed5191bcce4d909c8d418cf7a97bc57f4f460ab6606bc91974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47830
x-xss-protection: 0
server: cafe
etag: 15920232520364301914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D643 159 KB
49 KB 50ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:29 GMT

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3578 6 KB
3 KB 11ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame BC81 78 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rSfsAxyYyaaPmiZPqDKGj3HYFpuFp98MpfA0_k9pB4vWscq67tq1wg==

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9F4 6 KB
3 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC02 13 KB
5 KB 15ms
11ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E32 783 B
1 KB 52ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bbd6ba4e335f68e6560bd5f1c6d57b3b1a72e665319bc3754d24c773ec309cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QgXWmtLmOyn2rWt28lPpMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-QgXWmtLmOyn2rWt28lPpMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:31 GMT
expires: Tue, 11 Apr 2023 22:27:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2043 6 KB
3 KB 18ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:28 GMT
expires: Wed, 10 Apr 2024 22:27:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 embed-core.js Show response
cdn.convertbox.com//convertbox/js/ 519 KB
142 KB 27ms
14ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-cachedat: 01/04/2023 09:19:56
cdn-pullzone: 53020
last-modified: Sun, 11 Dec 2022 23:15:59 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"639664af-81cb8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: 91d4ad7a69debaa16b2013e33f56492f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0B3 0
0 50ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjA322NOeeOrbqQO346vqA6D-xt0j4yOAZYOW6HcTekLrcJuE1ikHfEe8RnFUZXWj_dliaOZCxsdHkpoMTKTxnolSBNrAmej8RRdkEfMU359fIfUTqJU_F8Eh_PlrTR8sc2tgUmN7PJF9qSFhLBACADb2659CFnQlckduDmMO3_De5gHkm44M2Fnz7IeQVu1-vULqncanZEOb7dDht-mW0wBy_WP9wYb6fBEB8BUGSE1EqXUP-A5lCpl2ZC83zu-pgWAXVHI9ldRWeISk2ldoJJcB8_im3TE5qxOh4nnSZUsbylL00sYBcyaIPko0X1nt9kJON6grCTg&sai=AMfl-YSdazTIry4_N_hwIY5g6wlWdHDd-FA28CnorUWd8lTJ0Sslg7sW6nMGlO_pP88dIuAAsKUKdLJcNlAKXJFN87QLuoRJqhMYlJAFzIqsYUgBW4kpfhlM2Z0J0hx8hWn4o1YY5QSxnuIgN_Fkpv4w&sig=Cg0ArKJSzFdTn699Uhr-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3A50 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn1SIVi8h_Hs6JYrQucHtgQYGkcRdx37rSOmGbcV1fIe0v_o8YxYCB--7WOk4JkaPI6FFbR7UcOrLMFgd0CQ6dnKBihwN0dAgW1uoHH7AT2Z9QYgFuRr-SbRYK3BtRUkx4wxUi-UMyZKfzJa5oY1yoVBCx264NeIhLMK5YktIC1bCcsLXAG9elgEDQV_7xYdXq6RKF9EGEjow5x-4-0MiDZnRc_Prek8Bc0LCfELATCRAmTQYSiGgqRF0DOTbPVWGRjWjuGJMdGWry-4x7_LSUmi3g0QwgOSfQBozYjn5sX0cgYERSHGXNWjpRcEq45Z-h&sai=AMfl-YQwS5s6boHOn897J57xSfQ69qzS5qZkRHEe4nBqvJycKRXVW_aELTA0ZYFvnP2c1Cb220RY4ptdY0pD9bXoYOWAoyglPJxmkNAQhHOYJvDjVXuevWmZPkT787YB8aUJNdJlMX5UvFn_auwamiY&sig=Cg0ArKJSzJnqWRV__J9wEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H/1.1 204
No Content impression
trends.revcontent.com/event/ 0
0 135ms
39ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-RC-Region: eu-west-1c
Date: Tue, 11 Apr 2023 22:27:31 GMT
Strict-Transport-Security: max-age=931536000; includeSubDomains
Server: openresty
vary: Origin
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
Connection: keep-alive

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
17 KB 27ms
27ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: a4d0d3abf73a800df65bd575abb6f985b4da321f8f07b89e7c75cb386a102e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 15:07:42 GMT
server: AmazonS3
x-amz-request-id: HMTTPK22HMB9CHR3
etag: "d04525d0eb990f7c0215efac5469bd3c"
x-amz-server-side-encryption: AES256
x-hw: 1681252051.cds282.lo4.hn,1681252051.cds287.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 17001
x-amz-id-2: GrLWAwVC3dTcM7iGionHwaqTRF9M+RFV58E0rcb+tbVhhE99+igfitpnU9HLV+Xa/N7socyorqBy7ivwXi8iqrGyspOzc/8DFJv4ieyI2wM=

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 23 KB
7 KB 45ms
44ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: bfa804616663a38927300c5f94d5ab273912adfedc79b3c3b9012826b10ae23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 15:07:46 GMT
server: AmazonS3
x-amz-request-id: J97486TXKTX75PFQ
etag: "fc11d37b236b434eb030a6352a866246"
x-amz-server-side-encryption: AES256
x-hw: 1681252051.cds282.lo4.hn,1681252051.cds220.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 7093
x-amz-id-2: bhoxGWSPP73I2BZ05bMHmdkdF169LAUKbkPQ66MQN4dX0luxFDAnO++2MDzKmaZWqpG5jg4m7WA=

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
9 KB 40ms
40ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: b5ccc9d852a1604a640980c355232aa043f98d572b42bebc48da759a4ec56486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 15:07:44 GMT
server: AmazonS3
x-amz-request-id: J97AEYJPF0Z4RTW7
etag: "b35aadcee4a61136b071c359ffb6f749"
x-amz-server-side-encryption: AES256
x-hw: 1681252051.cds282.lo4.hn,1681252051.cds235.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 9189
x-amz-id-2: bIKSe69SFj2UzYfIJXVZaXu5bghFRfg/66HqPFlH+Ntpda7T2XG9u6JyveypHadBJZiU4fPsu24=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 44ms
44ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: cc3397b2274a960f18aeaee94e4bee0ca53925f7d10dea8b54faff568fee1ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
last-modified: Tue, 11 Apr 2023 15:07:43 GMT
server: AmazonS3
x-amz-request-id: J97AAQPCSTASM4Z6
etag: "630a2745200422df5fdf8857afb81034"
x-amz-server-side-encryption: AES256
x-hw: 1681252051.cds282.lo4.hn,1681252051.cds103.lo4.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 1668
x-amz-id-2: ruz50006osVGN6KUYl06OgF+0NYphgRfi+t/G9RYqearf10UTR8lt7WIJqxuk0PXxJyzpW0Swxg=

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 438 KB
140 KB 293ms
8ms Script
application/javascript 2600:9000:20eb:4600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1f5aaef4cd2310936af3ebbfc642f3aa055dac6f44e97fa295b8374212b20fab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 16:18:43 GMT
Content-Encoding: br
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Age: 22128
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 11 Apr 2023 16:18:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: lgt4I0lZ4rpIuXjMLQbZEJvMFe6L-xQQ12WoirmDDru90ZBb8gqTWQ==
Expires: Wed, 12 Apr 2023 16:18:43 GMT

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 371ms
86ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1681252051.cds217.lo4.hn,1681252051.cds249.lo4.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
249 B 343ms
102ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.tndeer.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tndeer.com%2F&domain=www.tndeer.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=j-uMXXxqb2dVVVFZblFUUDFJalZDNVBiemRFNWxsZkI1WHVXeWYxZ2dwQklvUW91cVFhNmhnc2Q1MFhqcnlrbGRiMEE0TFJUNlE5bkEvTUp4dkpoclpianJHak1CUGtFazlxM1RZY2FQengzNHdQT25QKzFlU0pMSENhWE...

421 B
583 B

45ms
14ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=j-uMXXxqb2dVVVFZblFUUDFJalZDNVBiemRFNWxsZkI1WHVXeWYxZ2dwQklvUW91cVFhNmhnc2Q1MFhqcnlrbGRiMEE0TFJUNlE5bkEvTUp4dkpoclpianJHak1CUGtFazlxM1RZY2FQengzNHdQT25QKzFlU0pMSENhWE5KdUE0cVp2VnM2N2FOYzltekxPSGV2WHBpVFZKV3B1TXZGaTVjdTR2Q0hGUTRocDhRNC8zSEFub25VWlRPTVluV2VKZnhhbU9wSERJQzVWREhjSi92blJZbFpRc252eWlmbFNPeFh2bkhCZXJnZjlOWkF4Y016MVkzdXB4L3hBd3VUNDkwZ2hHfA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58f56cdaf7f32a5b59c5ebe36301957e8eb03efe748026b5d6d2888ce9df56ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 854005
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=j-uMXXxqb2dVVVFZblFUUDFJalZDNVBiemRFNWxsZkI1WHVXeWYxZ2dwQklvUW91cVFhNmhnc2Q1MFhqcnlrbGRiMEE0TFJUNlE5bkEvTUp4dkpoclpianJHak1CUGtFazlxM1RZY2FQengzNHdQT25QKzFlU0pMSENhWE5KdUE0cVp2VnM2N2FOYzltekxPSGV2WHBpVFZKV3B1TXZGaTVjdTR2Q0hGUTRocDhRNC8zSEFub25VWlRPTVluV2VKZnhhbU9wSERJQzVWREhjSi92blJZbFpRc252eWlmbFNPeFh2bkhCZXJnZjlOWkF4Y016MVkzdXB4L3hBd3VUNDkwZ2hHfA&cppv=2
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 279423
content-length: 0
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ 216 B
624 B 250ms
12ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

c11764f39ab90ed0ae52ae7c69c52c3e03872f1591d29ad1fa1bf252643b45e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tndeer.com
date: Tue, 11 Apr 2023 22:27:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
317 B 270ms
34ms XHR
application/json 54.194.225.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.225.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-225-26.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache
x-server: 10.45.25.229
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
389 B 263ms
31ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 4e502892e02dc38ef4956c235d47141e2d3ee7ba8fb8ecc2b714e8aa23afaf24

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tndeer.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Thu, 11 May 2023 22:27:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame C0B3 347 KB
116 KB 94ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d0de157321b2532505e3a135710045ca52f2285b545a57c55663f5553fc5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118941
x-xss-protection: 0
server: cafe
etag: 17370000724627735614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/ Frame 2BEF 10 KB
5 KB 59ms
10ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230406/r20190131/zrt_lookup.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:15:04 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 11:15:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 3578 37 KB
16 KB 18ms
15ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DdE94pnb-1hIb8o6JBV___GadvQxX49Mi_ojxENTlOAJM0SMKpC2lA==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 3578 78 KB
29 KB 33ms
31ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4bfP8JtAmnnbpZcaTUpt6brZHiIoxpFim_-FxY4vKlutentUkr2Y7Q==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3578 24 KB
6 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3578 137 KB
47 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91503170d21d69ec143f4a373e54a5805f345ae332503cff548d5a48076ee0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47836
x-xss-protection: 0
server: cafe
etag: 2657759550059136875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:32 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3578 159 KB
49 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C9F4 37 KB
16 KB 43ms
40ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: F6FdL19zrfvVtOJkW9VlzgvXMPEBdkZjVAXuzOZBWP6l5QJAowBX5w==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C9F4 78 KB
29 KB 44ms
42ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -ihUHMd6cG4qEZDxtwv44UiHGvT-6BctDIoytsUEkxxj1k8PK0UYmQ==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C9F4 24 KB
6 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C9F4 137 KB
47 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1b0a63f06decc2aa0f3fc0ae814062bf0d45de530314b838ddf3acdeb7285c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47829
x-xss-protection: 0
server: cafe
etag: 3990783237278901194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9F4 159 KB
49 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DD3 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu24VaZdw6EzGd-hjevdhtndU2TcvIR0fA1EfXq7nFqkPhaNWtd2EFkCsszi9HocQwZ_cbaeaDIWqfKWWWLgrvz2UOtfrTFgxP8b1Nm8UoBadtE0-UjO0iSxCgKBu2y3FbZkLXhqPyORqS7W0T1gyIVyR3uhQErdRUPTvFdS9tAaHIRRM6WZucIoOT8xbsKot6upXVpmpVltVTRKTzUyXIuy1wMDWrWX5fNJYsQSrEguWuppx-8kvoA_53ewyZUZ9IffJMoXN1A87N5qa0Gp-CNn5kwbnBJFpOnGVpJ1xqqPSgI7TUxod7MXgZsxNuTxcHq&sai=AMfl-YQ87I574ImwpKWJl8LzXTRVdTDGQR50hZj0Ob9H9lD1zhAyV-QVPj-mrIViAfcOH8hy5Y1_EqkuOWxxF3sOsxqEFUBZl3tiak-OelfOg9CcCZhxBQx48QRcMPD9NyX2UpOfkrra7zfNpbnvTFcX&sig=Cg0ArKJSzFiSpoq_LWnvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame 3A50 347 KB
116 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39fdb490d80c02dcd0378af006d4be12e4c781bb1ec561ed01910a3ed25fd690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118928
x-xss-protection: 0
server: cafe
etag: 9092037076770437036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

POST
H3 400 popup Show response
www.tndeer.com/misc/tsi-campaigns/ 376 B
642 B 340ms
339ms XHR
application/json 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/misc/tsi-campaigns/popup

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=ba4f7f97

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5f03828fcf726a934527a165172d68f8798b73e10bb72022aa40ab15ea821999

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tndeer.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 11 Apr 2023 22:27:32 GMT
server: cloudflare
x-powered-by: centminmod
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, no-cache, max-age=0
cf-ray: 7b66a84bdc3e3a61-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 376
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 383ms
16ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tndeer.com%2F&domain=www.tndeer.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 11 Apr 2023 22:27:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 225851
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bl-deea5a1-3951771e.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 2043 37 KB
16 KB 30ms
7ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-deea5a1-3951771e.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 16:06:49 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: GFylkTa7o0OmUInW6swFaayoRug_R39N
x-amz-cf-pop: FRA60-P4
age: 22843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15953
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 11 Apr 2023 15:41:06 GMT
server: AmazonS3
etag: "88043a9937ab7b16c3a56706300bd38d"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pVk7cePX00ezJa-XZliHLYZzWo5UcZKzVy_uxtZWfLAIEDIkn6p-1Q==

GET
H2 200 b-89d2da9-e6c1bf38.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 2043 78 KB
29 KB 29ms
7ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js
Requested by: Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 19:20:45 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-version-id: kvEZMaBJomAanAe2rewyksP8lm_K4z9F
x-amz-cf-pop: FRA60-P4
age: 97607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29461
x-amz-meta-git_commit: 89d2da9
last-modified: Wed, 22 Feb 2023 15:57:28 GMT
server: AmazonS3
etag: "406bb18fd3562e0528417db3486b6bca"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Ui8zCaFQvqRpmw7JzzLZUyGl9rDtdleBR_zKd8yvmevBfxN6qdXQcQ==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2043 24 KB
6 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 Apr 2024 12:48:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2043 137 KB
47 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4796caef51d6d208369574f34deb1fa889895573a8bea105aaf32ecf3d9f2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Origin: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47839
x-xss-protection: 0
server: cafe
etag: 4934484879126093302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2043 159 KB
49 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
URL: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:31 GMT

GET
DATA 200
OK truncated
/ Frame C0B3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f39844dd00ab127ddc7b65059413443960ff179f951581658642043ea33c900

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304040531000/ Frame BC81 222 KB
61 KB 83ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/amp4ads-v0.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 105446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61837
x-xss-protection: 0
server: sffe
etag: "4c71ce2fa24fb84d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BC81 15 KB
5 KB 93ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 105446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5234
x-xss-protection: 0
server: sffe
etag: "5c3964a98ed5c9e1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BC81 94 KB
28 KB 94ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Apr 2023 17:12:44 GMT
age: 18888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: sffe
etag: "55c7a8d78e6c0bd3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Apr 2024 17:12:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BC81 5 KB
2 KB 98ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 17:10:06 GMT
age: 105446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "d57b42639333a446"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 09 Apr 2024 17:10:06 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304040531000/v0/ Frame BC81 40 KB
13 KB 99ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304040531000/v0/amp-form-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Apr 2023 21:37:50 GMT
age: 2982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12940
x-xss-protection: 0
server: sffe
etag: "aa817619b4e21783"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Apr 2024 21:37:50 GMT

GET
H3 200 8381260403376976171
tpc.googlesyndication.com/simgad/ Frame BC81 26 KB
26 KB 11ms
10ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8381260403376976171?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnPraiu786hsl1W_f2Eqh5z4tWMuA

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f1b89fee65be040516da2e87134602f0e76b8d5f0fe6ba30bc5094f558cfb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 12:05:53 GMT
x-content-type-options: nosniff
age: 37299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26214
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 00:05:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 12:05:53 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC81 2 KB
2 KB 13ms
11ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 08:07:54 GMT
x-content-type-options: nosniff
server: cafe
age: 51578
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 12 Apr 2023 08:07:54 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC81 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:10:18 GMT
x-content-type-options: nosniff
server: cafe
age: 40634
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 12 Apr 2023 11:10:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC81 0
0 52ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyxfV0d41ZLTFO8WN7_UP5Ia24Aeds6X6b4KR4MHVEAoQASCHpM6PAWCV4pCCoAegAeyz8sAByAEC4AIAqAMByAMIqgToAU_Qh3ICUz2W9rEzl_FAhM0Z3dPEoOL3Nc6v5xYt-6y7XkEBu8icWvx9agXEQwCY3DuGzneBGTZvLEkmBbWpgOwOgP76wwcK9-pmArQS9poQ8kyrTGfKKud9XwHiCuG1cm7PotLH3_Do9uApIyJKL3UOggfTlLXoD7MSjCRfyFe8CwKwLBWwx8JFUhgW1chG866oIeUy1vBEL-ecuLczwSEVtg03NHSHumZvaxgfign8wW-G1biJOS3wo6kMfLCv8-spu8lg3cQ2_NUZBUlX8aHMSJT6C0eODqj32KCrXPWDZy7Z-eEefEzABMDylazABOAEAZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEI1W0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMTk5MDU0MDM4MjIyNDc5NBiE7QU&sigh=-HbP0pBo1yU&uach_m=[UACH]&cid=CAQSSwDUE5ymJHzM-NEwz01orweItaJOf1-p7p8XOJwXmo_df3PS4lxB50G08dgBlpVOctEmIZgaYrSkn1qIFSnBKEhNPAM1fGuLGtOhLBgB
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame BC81 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04bb07a21f9767d30db07170b11cb656adbf2561bba98a6b43e23ff9858cb272

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D643 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZn31vONCcs-vn_Jfc0Z7A1thEstL_LZ5vBJKFGIcroYMKqxjghZ0P9NfC51nykyCElNjUW24wyFWSp3tWvgLKrCXKCyeHtdMBF5Q-3pPp7tgkwEcO03zDnM09yuGP3DrVpAgv4L6GXbav8jtWABzxRHq_-w9Sc6VtfbgcLxPXLqwfTpWim_9I_j3fBIMxpGfMrDVL46OrPRdhjfgcHatNdDJ_G4aDE2SWyMZtVVx6gwiSF-PLjpMcRaOn4HZSzaYWUVsk8XJKpzlkkmUTLpWce6GRQ91baqAx04k1FwqtTeVDnSGM-qcgkmGHvEBAlimW&sai=AMfl-YTywEDyJWh7vBrhjpABwSmAcR4Jt4IQlBDf4SV1aQ1qLar23cafde_uHrYqYm7n2SyEZe0gH-6jlqvroLK-5yl_V2x6EYnagDx5Hj0jqOb85ieAbmgC-EocdBa9Ti7n19PcvG8NN2ZBOHE4L6g&sig=Cg0ArKJSzOTjkQF8cHRXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3A50 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcf8d91a751d48e4e8bec5c9b40a65339bceb711e69be3406aa0d10fb2c539e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame 1DD3 347 KB
116 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86438519b2673d8427894d0f29703c4a502a0b2165524bba780b2f26d2a9380c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118942
x-xss-protection: 0
server: cafe
etag: 12207247338843956969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:32 GMT

GET
DATA 200
OK truncated
/ Frame 1DD3 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f402d42225c98ede613bf41d0aefe030e921fd8c7d9f30cfc6a93d4db444b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 200
OK page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 77ms
77ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 11 Apr 2023 22:27:32 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

OPTIONS
H/1.1 200
OK widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 122ms
43ms Preflight 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 11 Apr 2023 22:27:32 GMT
Server: openresty
X-RC-Region: eu-west-1c
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H/1.1 204
No Content page-view
yeet.revcontent.com/yeet/events/ 0
0 81ms
66ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Tue, 11 Apr 2023 22:27:32 GMT
Server: openresty
Connection: keep-alive
vary: Origin

POST
H/1.1 204
No Content widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 45ms
45ms Fetch 52.51.126.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.126.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-126-33.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

X-RC-Region: eu-west-1c
access-control-allow-origin: *
Date: Tue, 11 Apr 2023 22:27:32 GMT
Server: openresty
Connection: keep-alive
vary: Origin

GET
H2 200 bars-preview.css
cdn.convertbox.com//static/css/ 114 KB
15 KB 14ms
13ms Stylesheet
text/css 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=580b434e94b98856394c
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: fd01293520ca2a39e862bab2c2631a3ce64199e16856a42709061126b6121e28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
content-encoding: br
cdn-edgestorageid: 722
cdn-cachedat: 12/07/2022 00:35:08
cdn-pullzone: 53020
last-modified: Thu, 01 Dec 2022 05:48:59 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6388404b-1c694"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 526cb988cd4294c3b319e88541cd4618
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK box Show response
app.convertbox.com/embed/ 134 B
471 B 129ms
129ms XHR
application/json 44.208.38.30
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/box

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.208.38.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-38-30.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

4410bdbb21d2f1f8e1b8765df9dd205506412301a8588e1c90967e98588416a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuxGNu40cMWBJi1Fp

Response headers

Date: Tue, 11 Apr 2023 22:27:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame D643 347 KB
116 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4944b16bd9bb4490487e6de5e9f5b5747e684004c357f0f21de6b860c37e4743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118928
x-xss-protection: 0
server: cafe
etag: 15533780139343941284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E32 0
0 41ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304040101&jk=4285731552635175&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 css
fonts.bunny.net/ 23 KB
2 KB 71ms
14ms Stylesheet
text/css 2400:52e0:1e00::1078:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=580b434e94b98856394c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1078:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1078 /
Resource Hash: 140f9d0084e313f4256de5a079834bfa0f3f61e87db88691493f2e8da081b8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.convertbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
content-encoding: br
cdn-edgestorageid: 752
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-cachedat: 04/09/2023 18:49:30
cdn-pullzone: 781720
last-modified: Sun, 09 Apr 2023 18:49:30 GMT
server: BunnyCDN-DE1-1078
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 56ca8b8cba47b3ab388441a601f5a7a8
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame D643 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43d9df720ad08f0e48d998a869c7b139fa18efc69833c50aab55bdaf0f91769c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 164ms
13ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 11 Apr 2023 22:27:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 225505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 2 KB
2 KB 84ms
27ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
last-modified: Tue, 11 Apr 2023 16:11:13 GMT
etag: "1681229473"
x-hw: 1681252052.cds238.lo4.hn,1681252052.cds314.lo4.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86010
accept-ranges: bytes
content-length: 2091

GET
H2 200 15325530070980734337.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 101ms
26ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/15325530070980734337.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:08 GMT
server: Cloudinary
etag: "6ee8798297a52bd0f9fa11b1b77d3451"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds059.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-11-11T17:39:24.802Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 10961

GET
H2 200 8fb16b48e880ef44dc24c6e3f8df3b3a.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
10 KB 97ms
26ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/8fb16b48e880ef44dc24c6e3f8df3b3a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

aaba3136d2672accfc40ee820a19c23749273ab60886eb733f918ef2935a461d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 04 Apr 2022 17:11:30 GMT
server: Cloudinary
etag: "35bb1cf657c33f7dba4c79c6df95f3a7"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds286.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2022-04-04T18:01:23.357Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 9613

GET
H2 200 63c6a4a6615dd7-49439862.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 102ms
34ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63c6a4a6615dd7-49439862.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

74dca99b970d0012419a8f128d49177cac2cd4c59d8dd9d39d67bda7a0c009a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 17 Jan 2023 17:21:27 GMT
server: Cloudinary
etag: "f60e756f62352330763bf8fcd05fbbd1"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds292.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=153;cpu=0;start=2023-01-17T18:17:57.648Z;desc=miss,rtt;dur=0,cloudinary;dur=69;start=2023-01-17T18:17:57.689Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 7171

GET
H2 200 63c2de8bbf50e1-42961943.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 101ms
40ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63c2de8bbf50e1-42961943.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

605ba316f4ef6a7a733021106ce12b452d1f0ce609e121a3f9a89c6ced5e388b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 16 Jan 2023 02:31:03 GMT
server: Cloudinary
etag: "7ee2f66b1aab265718b26cd0e11f89d6"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds261.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2023-01-16T03:10:45.467Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 7956

GET
H2 200 5f00c1cfb074b0-59515857.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 108ms
48ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5f00c1cfb074b0-59515857.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

902b2a36a56e330557f1eb88e3d406a6a454c0d9e5d810860a11172f966f9970

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 18:23:03 GMT
server: Cloudinary
etag: "5674e7f3c4582ed0625fca42e2edeb7f"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds248.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: cld-fastly;mitm=po;dur=2;cpu=0;start=2023-04-05T13:31:26.595Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 8296

GET
H2 200 5ef46c6a678527-60310136.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 107ms
49ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5ef46c6a678527-60310136.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

4643a05e2aa46f5c134a7bb92d2fe589e0971c1f32297cdc63f3ce0f1bbe25c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Mon, 16 May 2022 15:02:19 GMT
server: Cloudinary
etag: "289f406b1a3c76fc7831ef18cdab3ed6"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds037.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=3;cpu=1;start=2022-12-30T19:31:58.367Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 6666

GET
H2 200 cd22402e953a7cbb8faa19539be5cc07.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
8 KB 34ms
33ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/cd22402e953a7cbb8faa19539be5cc07.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

3c1724d0e0546a35d6b35d39aad7cc66c49560de978c5e713dd275b81b420bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:37 GMT
server: Cloudinary
etag: "b5138cca785922281176548381135785"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds039.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=120;cpu=1;start=2021-11-11T18:09:28.543Z;desc=miss,rtt;dur=0,cloudinary;dur=39;start=2021-11-11T18:09:28.584Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 7506

GET
H2 200 616d5fe40890c4-71361695.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 35ms
35ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/616d5fe40890c4-71361695.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

f0e9ef06625e97f3b9d238e484ab459e8673a030cf94159ba4ba0dc20a2b5eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 06:44:08 GMT
server: Cloudinary
etag: "481e1400dc77a35a97b537be1caaf1a4"
x-hw: 1681252052.cds231.lo4.hn,1681252052.cds088.lo4.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=164;cpu=1;start=2023-01-06T15:47:55.852Z;desc=miss,rtt;dur=0,cloudinary;dur=77;start=2023-01-06T15:47:55.897Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8100

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
717 B 502ms
133ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=15&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc1&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8c75692f74be3ed158752bed494d66b68665ae861409f406e7608ad5cc30fb1d

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 22:27:33 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.tndeer.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame F006 46 KB
16 KB 8ms
7ms Document
text/html 2600:9000:20eb:4600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=6628d82&pid=1000177
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f25b1cbac836fb689b0542203bef51b20aa5bfa0671f6cae53fc03c3cf2c854c

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 22130
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 11 Apr 2023 16:18:42 GMT
Last-Modified: Tue, 11 Apr 2023 15:58:05 GMT
Transfer-Encoding: chunked
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
X-Amz-Cf-Id: upp2ZWuuuLQ0y64sZwbZM_Fefcwz_Q5J3jv0oHF3Tn7BZcwUlskzoQ==
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame AC02 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3A50 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXB789vO3zoWo4a6M8Lhrp5OowJ_zW9j_Ofx3KfL1SoNTDc_DaVrkUYWyMrs8nRSQGv5rViu-UAYHexyvNLufF3Hk9jn-xnuKSgVQEaAazh3eMGN4-q88ZU5Q3gnZOPza4x3RmR3XhLsVYQVUyetKrgDPS34Okl9lisukQ-X98UF8-lPwfGE6SuDFDYzkYrt3ZJ8hWGqqLMG0thlCXfrICtdx_guF4_OKQj9y0p2NDwP1zMV4gUU974OMfB9JwwLfhuHcB_g1_s0x3BpBsjnwANifcd_oy3tLlHtK08J7ULhf9lamnckGtdYMP4x8G4c5A1QM&sai=AMfl-YTF5_7mkXnASR9nEnNRclPwQawYgfFtjYNrOAKOBadaIKWt1eY7Rdpx1NpcEpRHdRiA4GnXEGm6_KYAAFmF-K7rQCJV6RSsUHSQtb64ktzBUeCspg1OvjRMTLJcBET3sqgIRD15eVAsVu72bLw&sig=Cg0ArKJSzJ4dpqTuexi9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
BLOB 200
OK e3ebef13-1c50-4aa8-a8b5-b0cf54371a11
https://www.tndeer.com/ 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tndeer.com/e3ebef13-1c50-4aa8-a8b5-b0cf54371a11
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3A50 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3A50 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F61F 0
55 B 106ms
104ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755398&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051794&bpp=6&bdt=1976&idt=940&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=4944760285053&frm=24&ife=3&pv=2&ga_vid=506964290.1681252054&ga_sid=1681252054&ga_hid=1443730944&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071755%2C31073585%2C31071261&oid=2&pvsid=1732632179286221&tmod=54957783&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ib9wn1fut1iz&fsb=1&dtd=2336

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3A50 15 KB
11 KB 56ms
56ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f94992a88ba4c47535300d9ba5a5b62a06c603f5e5d33ae6ac22d24c23b1a07f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11219
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BC81
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

21ms
20ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Redirect headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C0B3 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuquW0mTDj8jySv9xlxIuj2www8u4q_rAAbe001lzBig-ZpJ8LjW6dd7k1z7HNnnHIorycWnboiYSTXMV_niGyfVyZKrU1f4eGLYiSymvKlSgRwDRIDNgzLcWFP2WJCVi9p0Ur6UfweZ5pLZ7gbbpGgqiidhFxIxzWpAf1SAGqs8ZflaNopSCinxsJHQo72Af10ALQzsE41_b_-yQUY14pFKDmGrWD2nCumna8Yx7INZVD-gQd5iskTyK5hCjY0KmKad1emYWEfciS9IQEwRwbdCuGLjLMK7a-IxZhinJLJYDrtkT2jBPdlHnjeeLNU9hRPZMC6dR1RyKk&sai=AMfl-YQsPp-CA6zm5QoggpUNtPERzmAZhidJ8ldU4DVEe-BlTPa_ykQZ2tslR-bNpzUuluydCZgumTR79ScmKpqd83a-2xFv2JnX1slRp6Fou8K2lbWWfeyvNJ5JG6UL1CH_sbTpE1CIJYv1N0lCfKN8&sig=Cg0ArKJSzOpEILf9Lr6uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DD3 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZQnH-kbvpv0d5m6P1FKwAH9t4GGof13J8fiuO6hAkkFZJtI-NZeg3KR9buh402t2oHAbQJP6etdVh8eCA-nqmDGfW8KFOlqNKnIbuXqSzgpjlEcBptyy62mI0nWqxT5fLgrKINfyUTjmzugjv7ypNwA1MuEvT0k7rJxtYpqfHMdS5oGN0zNO3ZTI1YAWxuEvCmxCRH4LHehFXUkG9cJKKSqJb72ipuAR0DRDAP8fRDwyBcZjby5NZn_Il6hpM9ROKxtC3C12YIf1CBl2QbVnKgAownEFFemiMrUhD94SFGl0W1momcNVJhwqQXropWngGHBU&sai=AMfl-YQzexPQZruC3HbklzieNOLV6A1RdUxX_AHGrTVefdvFaKSMXGi1phcjbSOfncvust5dd9vv8LTz7lrb3qptYXZTnTeNXcLYPIYtdss8Pf4SE-S4hlRri17hi6b_fzL5HiopycNz4IXJHefOXReo&sig=Cg0ArKJSzPe7hDyKXV6WEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3578 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFBudJw3njwi7rq1zhXRgKSmUgIl8aYOkkvo5zUGu8De8mqwnnooeJowiA2ih0DK8XlMteFd0GZ86vt5mjZHMILkQHABtBNrOwUSMCLw_wiak7ywmJErXoOTOztwKXpxg98Bi6dD3mqV64Zquyp7KURhWXvNdcpc7hx26OrrJ0zmXIFgkess2rFK-rfpWid3zG37yG2HEnlEzW94CoYhIl4EZGXeQK1iSDC3R_e63Q3vofYOKD0Kkq11DEpnJPlkhiO90A5C__0L5DAgJfg9QovZidBYv9E_jZltH1bueM6wmVuGOEz-kIToUJ_KaZiOUg&sai=AMfl-YRfZUNq5z9OSvKSw0Sr91bLBnpb_ubJprPGDsIUo-x21suF9RYOPi9N-If3VEQrOL-90b1tNPLLZkaxGlfu_bDSyp4sg5mPmY5NY-y_c5xva-3nl19vchDuj4UT6CM-gbyAKUZe4QD1V7w0JMqZ&sig=Cg0ArKJSzGZk306TRspjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C0B3 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C0B3 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8941 0
16 B 116ms
110ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755400&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051653&bpp=8&bdt=1822&idt=2370&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=6001878256996&frm=24&ife=3&pv=2&ga_vid=508674425.1681252055&ga_sid=1681252055&ga_hid=1192747380&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31073585%2C31073787%2C44785293%2C44786501%2C31071261&oid=2&pvsid=553665147247335&tmod=1591938294&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ow7icte3uckw&fsb=1&dtd=2879

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0B3 15 KB
11 KB 58ms
54ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dc8af3452e5e9acc5dc0096e0ef924166b6ed4ab1263e09c4d10e8832d33732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11346
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C9F4 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuCdvNFSphQpLahNlanyAUEoKHXUAQJqiea8XxT-oRErUmJNl2s_miXmYHdFW_-cLjK4eYD26nibM9s9xpd7m12ygsp5QVSwZZEiCXMYht1tJ59eOI4h46YnCLZymVvVtl8rphEO79bjquF2QRHRk19NeSxTSQk9vHhtLnW5y3hyE5dNDNj30xDylrYO1k-DdgbXK42ziuwUy3fCqEFiLpPFuydbfpVwr6o4Y8yn7u25JsCaqcchqK6WqiTZxbJZkwuR-er0qrqs-kb673l4sB6m7-6GDkxLMRuAFWvCVJ3RIvcYcFtw7wxqqsb8Da9w6bijNg5iJgk3lUDw&sai=AMfl-YRKEA5XcZYoJsvwwuiLQOJ3nZ1BfOF2jtv1mtGa1wv5IMPTC2Sr7lsIfHf2xxoipyp8nTfTJiHNK5I8Ho3Cnj9DK9qZnu-THY7-XGXxUiVr_lNVQd5cOuXuXlCkr2wo036K5zNSU6Src1k9oagU&sig=Cg0ArKJSzF0tkth6H7MrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9EC 436 B
229 B 157ms
156ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4342707793&adk=655777048&adf=3173046729&pi=t.ma~as.4342707793&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051794&bpp=2&bdt=1976&idt=2263&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4944760285053&frm=24&ife=3&pv=1&ga_vid=506964290.1681252054&ga_sid=1681252054&ga_hid=1443730944&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071755%2C31073585%2C31071261&oid=2&pvsid=1732632179286221&tmod=54957783&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.kjzf2nkl2ll1&fsb=1&dtd=2778

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5913b50f8d42077b77f1a6bf6d776af2f464fc4cbb287687d94927813d5745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2043 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvXHfYXjfEMjMIUHIIpV-OfgUjUoH1Q2SU2RdoDsgNASXgXtgKL_loaxUJgF2gnfUsU_LXTeujfWx3J1Pnf5tq62zuyMdHb2Gjz-qIRk8C-wlm0eGQBPbfQ9y2mCwLmns0yDZf_5EqxpHgBCzWfmoy9c1jj5BU0GY3ajrHh0jyne_1NzdAYqb8yM4PQQYLN88SEkwj3nlDrVjHeIVYEtVRHef54aEI8QgP5Ybi_1X-285nj_ZNiM1oeHIecZvU75xXnJFiIyStcdHSiOHDwjhfIDI2W5VymhNVf6FPalD9zTL3JCV8_ghYv7IxxHaAi3-8EJMj5H_eJQ&sai=AMfl-YQmK3ClG5S6h6wOFrdHdtZwB9yLEeoCTZwowSJm9iEdFRZlIT9bWlQTAo-ql9rmKRPVesZUX-ZBuiGWWT_rWWORVG4oiQyaEf8KaoVcb5N4YxTZQUfxVGwb0ymH00IcavkeNviLTJY7JAKsNT1P&sig=Cg0ArKJSzEVd5bFv8lUoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D643 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvx2JknDFAPvfONoF3n3g619yzKA7zSEMV42Zqvog-ox7TlNXoTdYWpfKZ4eOivP8qWJkXOFQ24gun_OJ0p0jDDU_753tJna8RFH1VvdtBE0TTF_YeIK3UUCrKEWWx-YQg839VMM2_aWuvMho4B-pp7jQlwK4HwgXDmXNSI674X1-FAn94fiBO5BkHbjDPXoy6JrWu3VwvoHgEGZyOHz7nl3ZJt5FsCHN3JUVRW6Fx9xhXnPLZynE_iUIDQjFlnmR13rn6oh2O342cBPQWUSjmStGKkaRjEtQ8MzEhaais1HElmnCoAIb5xG80pXBkeqCWNN1c&sai=AMfl-YTq9YQqYUIwZJk6_ZiqPhcwpZ26bXppNCbNvtRizaja96oCtVW1bmyCNkzfEw2iutx3ANf2mn_eysAvdtbXv0RtiG2mOeeG3OZW59ENrL4Tq55afrDFrKFbtsKsBHoFd48gq_PmeJ1rLdk_uj0&sig=Cg0ArKJSzJDrim-IgHy3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1DD3 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1DD3 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51C3 0
16 B 113ms
109ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052174&bpp=7&bdt=2304&idt=2003&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=8587493316629&frm=24&ife=3&pv=2&ga_vid=934290547.1681252055&ga_sid=1681252055&ga_hid=1636295498&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31071261%2C31061690&oid=2&pvsid=769082398379340&tmod=1455190391&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.t6n3qsqo6x8g&fsb=1&dtd=2478

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1DD3 15 KB
11 KB 57ms
56ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90673657283ef068c6e5bad09dee26bd78f4b2723db402fca02760944ec3bb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11362
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A51 436 B
230 B 137ms
135ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=8115621213&adk=3600638404&adf=3173046727&pi=t.ma~as.8115621213&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252051653&bpp=3&bdt=1822&idt=2618&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6001878256996&frm=24&ife=3&pv=1&ga_vid=508674425.1681252055&ga_sid=1681252055&ga_hid=1192747380&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31073585%2C31073787%2C44785293%2C44786501%2C31071261&oid=2&pvsid=553665147247335&tmod=1591938294&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.d7t3gjq2p8e5&fsb=1&dtd=3035

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7f16d5126b253fa5e9cd3d38620449bd6b5d80d8c34c3bcdee96ce57f3a88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame 3578 347 KB
116 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd425973537ffcb71404e3d9686a97650228c94824451ce97216691e862d9f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118934
x-xss-protection: 0
server: cafe
etag: 7340008551554225749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:34 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 163ms
163ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=1872&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc2&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:34 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame C9F4 347 KB
116 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00e016abe0e86941f2f7e00a4e4c9d59a5409852996f90b728552705a687a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118928
x-xss-protection: 0
server: cafe
etag: 10691606739672211129
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
DATA 200
OK truncated
/ Frame 3578 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4579380dbb1e30d34e92b678a1fee19091a1ea1bcf401a9472b66102800e651

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C9F4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007338ed62c84fe33708841ddbbd1cb1c9865d6391cc0d7969b02540107d6d25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame D643 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D643 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6EAC 0
16 B 130ms
130ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052341&bpp=7&bdt=2457&idt=2027&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=5587738028122&frm=24&ife=3&pv=2&ga_vid=1478913180.1681252055&ga_sid=1681252055&ga_hid=1028215158&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C42531705%2C31071261&oid=2&pvsid=3720251294834545&tmod=271836378&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.pffj99yaeivb&fsb=1&dtd=2437

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D643 15 KB
11 KB 112ms
112ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1547901bfba4301e0062fe6c145ced826ea28f8ac80ad1308fa7ac7877b1c413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11231
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4D9 436 B
230 B 158ms
158ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=3173046726&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052174&bpp=2&bdt=2304&idt=2267&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8587493316629&frm=24&ife=3&pv=1&ga_vid=934290547.1681252055&ga_sid=1681252055&ga_hid=1636295498&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31071261%2C31061690&oid=2&pvsid=769082398379340&tmod=1455190391&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.6rvfda5qpt2y&fsb=1&dtd=2640

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b568787e6f4f8b7621e1c9b5be91803989e7a431fc62654499958e60b651c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ Frame 2043 347 KB
116 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944c70657a0c576b8a52df913b7b6ec6e69b59f3f1912494311c73c0c572389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118929
x-xss-protection: 0
server: cafe
etag: 253788904741035379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:34 GMT

GET
DATA 200
OK truncated
/ Frame 2043 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 603c838369e0566dd77578c487aae5bd8ee4952b5bf5d0261b3dfa4e5b1667b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3A50 17 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:34 GMT

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame F006 0
564 B 8ms
8ms XHR
text/html 2600:9000:20eb:4600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=6628d82&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=6628d82&pid=1000177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?v=6628d82&pid=1000177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 16:18:42 GMT
Content-Encoding: gzip
Via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Last-Modified: Tue, 11 Apr 2023 15:58:05 GMT
X-Amz-Cf-Pop: FRA2-C1
Age: 22132
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: aARtcJvoEwSEIciwUcgEv7hzD1TuYACqTfLX2a_SaNs2kU-dzDzzlQ==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ACEF 436 B
230 B 140ms
139ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046725&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252052341&bpp=4&bdt=2456&idt=2279&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5587738028122&frm=24&ife=3&pv=1&ga_vid=1478913180.1681252055&ga_sid=1681252055&ga_hid=1028215158&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C42531705%2C31071261&oid=2&pvsid=3720251294834545&tmod=271836378&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.wninsf3080ba&fsb=1&dtd=2598

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

413704b91a348d7d683e89218da6e9d4ed629831037f6911bffb25ad77fdbbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0B3 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DD3 17 KB
6 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
BLOB 200
OK 9393c7a1-511d-47e4-bdbe-68d36099c423
https://www.tndeer.com/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tndeer.com/9393c7a1-511d-47e4-bdbe-68d36099c423
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D643 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79F7 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 018E 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93b6a709b2396103ab55cb16ee376f3520f1ea4e20e1c54508704acfbafefc98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eFGGq894xvtkss0cJPUO2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-eFGGq894xvtkss0cJPUO2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:35 GMT
expires: Tue, 11 Apr 2023 22:27:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 147ms
146ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=2779&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc3&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:35 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3578 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZp1EIehJTPy14aCXedfsORfTY6BHRawhKS2M8IGGYKK79hkj_7QxDcA8eK7Vj2o4J9jg3h8mMenHDM6xjIdMcexJzjNMapYC3w3pSWBAXP3BikrZpWcKjH5fyz88Ul7fNzJoEjPKu9YkvB8vwKryCZap3GK_oEpj8oZE05eYjDkcM5MVFMvvry7W15Bx6Eeyf_s10_TuEwm_eEWRZS1ZEj2odA0sdPZQw6wQ003V2Ml5QaEbO8THI9TaXAyS-mzp_AYW15Kzg1qknYyrsw2oqzept0YqtLs63yZRRI3tBvFBz2rl2LIUcrI-T3SbsGAMj0uk&sai=AMfl-YQbPzkSbwzBaduG6ogIFt-NrF1MGBBw36mQ2gBG-mWpiX2JbXvpKw3ycQixrtj4qZaLFz5dZh9X2kmd5UDhJoqvZ8frJgKnOvz2h0YtfpueoPxIycZvfQ_kdhuRAkZuAO0fk-iQE740KzD0Xl4Q&sig=Cg0ArKJSzBpW9Dhex0ryEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C9F4 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-txSr6pZ6dMsfk31KHGiqsomsNdY7aCNXZlx3lfke6zjHTnByZKa_bKtjIIbVA95MeFIT1s3_6tMVo6GAwe_jzKnNOvpT1XrdcWr8O8bcHugpujwZAs5sLV4moQw8IRMAZ45VVvWdf2YtAHTs5BOVTBigDocIUMvyEq6ecR4ucBqmOrUyDN5bLmqTUSc1bereg442yM-xYSPuXm2-4rcyth6B4W9iL4W4rrcyIQZs-q2CXWYWPMKqfRpZ0SfLt7mJGvzguWAnB2MiENAXsUJfysVQDnnyfxDDS5TyU-Ed9UT1I6EjESzBKHFCrmMZlhejn3HytXGOOP9L6sxj&sai=AMfl-YT_N8P5WV14FgUjGzjvAAHg2yWuY7sULOpFaX4d0qCHCDhVjmCci_iareSGIydSgdS1jliYD5ZhxeUK4BdNCEPNEyBkTACGmiw4tBz_zRc8RrysF-A9XaHkqI8apKd_i8Sw0rL4SyKNPB3KtJ38&sig=Cg0ArKJSzJZehMlWIYxYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2043 0
0 55ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu6QXM2hcz7fmwIbgPMEm_fmYMclqoZMDgIvCexrKw_y-M3RqCp-f2Fh3YY5pfZqHalMNbu2wqh-B41cvSo5YTt698OfxMY1JwATIyNAAg8MmTKBsHhoqJOlteNVl8mrwJ0j5AbINtYzVdlq-mXCRTG8qqdPaQMM7HANeQzkINxUew4OdNAoRwrn3zJ2hpvbe-0_In2iFqSxaHsOSdG3U6JtjBq-hzKLebq7r6tExIMpq_kV4totKS03jKWTPFsr6CmQ8qUdmVLqAoIbpf0nze7KS4tNyhYZOcYnZudvoBA1sXzo455WLZg5Hgct5AcokPWzuyCi0ouNoZ&sai=AMfl-YRi9o-jvPgb-76nC05rEZl1EhcTTX3bKoIMcVIjZIGuxWtnDQgGwpPyU_H__CSKdLWffE-jPCAL1mAiE4CHZqsxW3BGsdqAm-1D7mmWQ2GJs5kU4uXK9yQ1JilWeCEhG8o0gHFkZXtrBr2KXHq4&sig=Cg0ArKJSzOkA_EwjkX5YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 22:27:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0BA 13 KB
5 KB 21ms
13ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D78B 783 B
535 B 30ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3383f90d48b25088217112ae1eb1c2b148353d20929f9fe18c3d5ac8f85df6b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fcKVSh2ZRE0X9lrvNUXSRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-fcKVSh2ZRE0X9lrvNUXSRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:35 GMT
expires: Tue, 11 Apr 2023 22:27:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3578 107 B
122 B 20ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3578 107 B
122 B 22ms
20ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E942 0
16 B 84ms
71ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755405&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=6&bdt=3310&idt=829&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=3718433483744&frm=24&ife=3&pv=2&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ssyheegkttd0&fsb=1&dtd=1167

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3578 15 KB
11 KB 64ms
59ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

479715c4e97007450753dc7a07212bde9099e37920426a6299ff0307887b5f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11296
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C9F4 107 B
122 B 27ms
26ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C9F4 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D81D 0
16 B 96ms
74ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417941&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=4&bdt=3331&idt=846&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=2976583369586&frm=24&ife=3&pv=2&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.szblv1lpe5q7&fsb=1&dtd=1195

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C9F4 15 KB
11 KB 69ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39feacf74c9eb01916c84b3ee9cba7caa19aafcdc0d89a882157cc2a3655c476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11432
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2043 107 B
122 B 20ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2043 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6117 0
16 B 105ms
100ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417936&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054844&bpp=7&bdt=3162&idt=816&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&nras=1&correlator=7668444842580&frm=24&ife=3&pv=2&ga_vid=850890244.1681252056&ga_sid=1681252056&ga_hid=665472747&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C42532090%2C42532186%2C44759837%2C31073584%2C42531705%2C31071261&oid=2&pvsid=1724737715024043&tmod=1824385046&uas=0&nvt=1&etu=AKgyaCoICMhVTnmepMGlZVbVnfpGeVbTykwPq1ezUHduyusKoHK-98TfSTp4jafCY_Ny4mqGTfu9FFTN&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.hf1afa445duj&fsb=1&dtd=1163

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2043 14 KB
11 KB 57ms
56ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230406&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91a4d901b61a93fbe16ffb81d227e3ec571f735fd432f6f5ff4628d02e50fd85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11109
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD90 27 KB
13 KB 160ms
158ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edbedb8ec049e357befdccdc2bf66c023f5abe5e9fd0cf862844add1b7a9ab35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12953
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F111 13 KB
5 KB 11ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C28F 783 B
537 B 22ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

018e41d12aa93349512c485653da52c218c2e0a6f753c4d8a561fcef2d6c7dd3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P39Cqfx3s8BBhjS6QQW-PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-P39Cqfx3s8BBhjS6QQW-PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
expires: Tue, 11 Apr 2023 22:27:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEF6 13 KB
5 KB 21ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D6C0 783 B
532 B 23ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92aee619311d0c7536acb0dc95cf6677c200d046b3aa07ef2662e8b18ed00d6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gPI09drUMc0-aHOjbfiIfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-gPI09drUMc0-aHOjbfiIfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
expires: Tue, 11 Apr 2023 22:27:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E99 27 KB
12 KB 322ms
320ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=250&slotname=9237131191&adk=3628223246&adf=776186313&pi=t.ma~as.9237131191&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=2&bdt=3331&idt=992&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2976583369586&frm=24&ife=3&pv=1&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.koniljq050ob&fsb=1&dtd=1414

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b44218b6be308601a7d61b3c317e1fb1db52b1376c5dc165bcee1bc477fd788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12713
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8911 436 B
231 B 168ms
164ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=776186318&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054844&bpp=3&bdt=3162&idt=969&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7668444842580&frm=24&ife=3&pv=1&ga_vid=850890244.1681252056&ga_sid=1681252056&ga_hid=665472747&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C42532090%2C42532186%2C44759837%2C31073584%2C42531705%2C31071261&oid=2&pvsid=1724737715024043&tmod=1824385046&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.kcy7c5q8np2z&fsb=1&dtd=1410

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6b170b852224674f5bb302cc37a113819358a24a5146153f21ebbd2616d3400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BC81 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstQW-OBxuJMfTYe3qvTep_M6Ezo6Fp5nfpHe_h9k64AXt1MfLQFY341uPTLrafcs212-_xQ2zJ56QkNcieeFqGeNUGt0RHXICFRuBOVmnkY31yRLqqdSYQtmlm1FrAd1l-3md2pQ&sai=AMfl-YQ8BX83MZlZPNZTea0PTStZKVSsyhi98t1Q8PQpMrUT37y8ZzQIXTwgGj9o76RzItjcTwA4BFdkdo4sZzvv5p8YsKre7ZWtD91uZf1D0EwuSzssG7GvFaAmZkLXogeTeDgFnMGw98NHl0d_&sig=Cg0ArKJSzMMLiqw72mluEAE&cid=CAQSSwDUE5ymJHzM-NEwz01orweItaJOf1-p7p8XOJwXmo_df3PS4lxB50G08dgBlpVOctEmIZgaYrSkn1qIFSnBKEhNPAM1fGuLGtOhLBgB&id=ampim&o=1260,275&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1215&mtos=0,0,1215,1215,1215&tos=0,0,1215,0,0&tfs=4403&tls=5618&g=100&h=100&tt=5618&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 018E 0
0 45ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=1732632179286221&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC02 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pMz_Lw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 135ms
135ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=3479&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc4&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:36 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3578 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame BD90 3 KB
2 KB 869ms
43ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNTgxMzI3MTM2MjcxMTE5NTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MWw1QjVWYUpodVVvS2ZPaEhDakFwOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjU4MTMyNzEzNjI3MTExOTU4L2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/5LOdu1spIpLMyLww30S39X9U9yI&nodeid=3286&group=cdg&auctionid=5258132713627111958&pbs_auctionid=5258132713627111958&shardkey=5258132713627111958&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%26client%3Dca-pub-1990540382224794%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: 9a0657f90ad7f91b3b2d808a1895878d750dc14229ab42e8ea7c3cb85ad70a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
x-mm-nodeid: 3286
Content-Encoding: gzip
x-mm-bid-request-time: 1681252056
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 11 Apr 2023 22:27:36 GMT
Server: MMBD/3.385.0
x-mm-latency: 24 (2)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x76, cdg-bidder-x141
x-mm-lag: 1
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame BD90 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame BD90 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:53 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BD90 0
0 18ms
17ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7hrnrTxj81kyUWxmGAZ3Tc-XUSHnDNZowj60czdnD3KB98GTdmVfK9ZLR577gGYCNYylojp6P96c7eMQz4Zq-_wGS0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD90 159 KB
49 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C9F4 17 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2043 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D78B 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=553665147247335&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD90 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CH5r42N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgS_AU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr15W6wu7W-MjgGWgrWycJulHRKfQOvcs1Tv-YXGH9oc_8BYa8L7BOgAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xOTkwNTQwMzgyMjI0Nzk0GAA&sigh=uInntnXl1Sc&uach_m=[UACH]&cid=CAQSKQDUE5ym93vCl0XOfgJuUBbERILNAOcOhzWM-yBorx-Rsac0h6YxhHJFGAE&tpd=AGWhJmtO9dhFXQOCCDiTDtsutTGC7eS9rl2i9reag3LORfPM9kjZH22jRnd7YA_pY8lpCaOpoJyhN-pezaXMyb0SotVyABpOztLezcER27SAutFMmmKSSY4pEMKvBodPOmgXiOh7FU_4tQBV7_JA_53EjqXleQAODFoYumnaTtQpkHJyOGn5d6GSn2wpZJVWG5NjVwm7mziLIa7UJMkXnjDh1gjIDjN8FAjb0YzlBdpADFNmzP8tuG8xXTeNjxm4iJrUboieQXgDKkdRJROfXCEzE2bf6owCHR_cG4XH4ZLjGeeYlCCWV0JlUHdnFG4HRQgU-sbqp03hMVKGEgDaU3To_Xid__1nPRPt0Ic6axLmdOHJ2mOqqeMRwb4cJoXdwQRml16g78kYYUrWoReDRx0uwYoBjEprx7SeXY_ZBbUD7rneMg1Gjw7PhFuzxCukub5Jf33_8c7LKqHqSc2AWfrsJJH3KEFXmr0ymCjv5Ye6XLxiRqV2iWiIhwZ7s7XEZJTvyRPZ9FGx1iBtrQk8prnos_wI_LfS_3vInLAZpN2N2KiJH9vss8oNbWyNxuV4QC0ZvJ5XQWZIZhFGRGO8kbwn6joZdhgcLR6Gjw4MmLcFWPP10ODMHWNBOc6Jt4LMxJXm4_JSFLRm_uUaNERPMBBH27dXGheu22knCUAgfXFXyeis8rpTOfLlblnDP3CcWWWE_9WYUkn43HZ42B7upeR51KE5vf2ZnnecR6oXiW0l48BcrDEyodx4l9mwmYHbcZB4OG9mGmE3aSdT4hFPmx-y7hgwg-AyDgMwX9WQCJglLYhJ7N6SC4p4GWpcTustkR2pOLhGjiOKHkqGkD2U_XHZQsN8oPhDgVgEYtTdgRw1ASsNnlHMSpdkwsWNX1cMjnPrRBtDfoHSAbXopndYvol2TzbQkPZfefml8CbhM9lA8LaAwbWWBcMEDuerHqp7YqUAMGzV1HMmkcZ2dMFWw820XRsCpDfK5T6g0jbpS0KKRR9MVgvgWSBiySBnwBOTtW1GJ2wF_34qMm76-SaHYTkJ-L_4Zg2CZApzBfyK2B0Hl9Z3hXxHmbta_xC0xF-_tN6yCM2BaU9Hk5KxLfo9OE5ytgM_SukOyvQR2Uf2oTBZSHeJ5T5q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 22:27:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 79F7 36 KB
14 KB 18ms
10ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C28F 0
0 45ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=769082398379340&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D6C0 0
0 45ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=3720251294834545&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame F0BA 36 KB
14 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1932 13 KB
5 KB 37ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DE3B 783 B
535 B 46ms
23ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6a4c603c74f514616b20b72f4dc4163ab8eca9e1addb4b66e491104cfcb6d5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-djOrJeIeevvKU6GC04dLMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-djOrJeIeevvKU6GC04dLMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:37 GMT
expires: Tue, 11 Apr 2023 22:27:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame F111 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame CEF6 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 251ms
250ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=3684&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc5&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:36 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304040101&jk=4285731552635175&bg=!e3ileCzNAAYIJb0jKCU7ADkAdvg8WlDLila3XFZ7asS_b6keH6bNBxdr518Oy_rk7-XBc_MkNemy_7n4TY5AlWojTnZI9FzSv9ACAAAGyFIAAAACaAEHmQKfqU-q_Qwjy3BRrUf9e6pZoc20U0hb3eXdP-cQwh2wE1_mywkKMm97DijCxniSb_xKmCttNWOCtHB0glaHxyBZFm8QIPO_wL8qpWLi7Nta65Tu9-e4EJGAElNNDHhVExYtYlukXtIqngsRe1V_l1-DkFtZb9u4QRQXw7o4Xo9xT-QONed19dSDdj4PQ4Z6HnlJV4gTr8ijekA8aau8RAAsGZyUdj8cogIn9xv9jBQv_g9OLJoWmmrB138j1RduPPrBgoDFol7TXbUL77-ZDHZnMmiZL69Xa0mLG_Ynw5n939nEKwaPKVrhlAvE8RAr0W_K90t47yQT1pM6BXV-afiAbF4k98zWInk_E1Udnv_cLVfRJK5h3ArLJOfqa0E0AcDf1H4F3iM3IdhrNGIqv-xnRbGZDrbA5OYW5lakQxBh5eG_sMuASYETYJbUThaf54w04HwFPp01eLLc89wIbaiC0IBuadxHDij39CYWr4kvme9tlztUByxKgo_EkKywvNV8rrNnTsPBLsnDBei3er4gJNLpYnRuw5_tTpaoqtYzeUYfzMZuAR1dwNJ3omnWAtlFc-JPifLTer1iIlq3S9ADrTVdt8F_G6U5B--RAG4bZY59w_pxZo5_8BOA_NxLMOeKK24zFhFBx_viTGVVXmJjA0Rq7MaUVW5iJxNSHMflIV3e425DWQ3vZR8DpHI-soAEaflaRDJVH0u8bcnFsdGBTA_Sn3CwIgeI-kYJYFcyv581EOPWPLtJ008DdT-cmSABurPph3r6TpXGY0OYDSMCxxGwPTitbioRstLvF2ceyNB6sjLuWBRLRcDLUclfAtJwo8NWbnzhns6vReuMeL2DTySmL_w8_cE8w42w_8DuZoOubsmer33BNeEZo4LHCu8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C586 13 KB
5 KB 26ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A6C 783 B
536 B 50ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2cb07dbdcdba264e6205080da8e36fca06682b0f31080e12d9dc36b32b5b41a4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FjTYCEKcMb36lCRk5puUuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-FjTYCEKcMb36lCRk5puUuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:37 GMT
expires: Tue, 11 Apr 2023 22:27:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 5E99 3 KB
2 KB 96ms
42ms Script
application/x-javascript 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMDUyMTEyMDkwMjAyNjU0ODEvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NkpMSTg1WS0ta2dzbnB3MFdFYjRTNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTA1MjExMjA5MDIwMjY1NDgxL2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/Tg_yDEgggWlhTjbX3AKYOMmOq7w&nodeid=3286&group=cdg&auctionid=4105211209020265481&pbs_auctionid=4105211209020265481&shardkey=4105211209020265481&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.65&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%26client%3Dca-pub-1990540382224794%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=250&slotname=9237131191&adk=3628223246&adf=776186313&pi=t.ma~as.9237131191&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=2&bdt=3331&idt=992&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2976583369586&frm=24&ife=3&pv=1&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.koniljq050ob&fsb=1&dtd=1414
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: c6ef6c4b1a18541fe32897f88c1a8d9d663d36df554c0551e87dda0dc2f85bdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
x-mm-nodeid: 3286
Content-Encoding: gzip
x-mm-bid-request-time: 1681252056
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Tue, 11 Apr 2023 22:27:36 GMT
Server: MMBD/3.385.0
x-mm-latency: 22 (0)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: zrh-router-x70, cdg-bidder-x141
x-mm-lag: 1
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5E99 3 KB
1 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=250&slotname=9237131191&adk=3628223246&adf=776186313&pi=t.ma~as.9237131191&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=2&bdt=3331&idt=992&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2976583369586&frm=24&ife=3&pv=1&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.koniljq050ob&fsb=1&dtd=1414

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31641
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5E99 20 KB
8 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:40:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E99 159 KB
49 KB 46ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 22:27:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 176F 13 KB
5 KB 22ms
15ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39624
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 11:27:13 GMT
expires: Wed, 10 Apr 2024 11:27:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 292E 783 B
535 B 29ms
25ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-89d2da9-e6c1bf38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87cde02a5093d946202e8ca4849c9ec3b1fde00185b67a1801fc7b1dd21d46a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r2DAj4oIJi2KMm4ooHeUBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-r2DAj4oIJi2KMm4ooHeUBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 22:27:37 GMT
expires: Tue, 11 Apr 2023 22:27:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5E99 0
0 67ms
56ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-WHm2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwAFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLL1mV-0N6UFipVswbqacTRF0q-f-lIL37JEWoAKm9f9lNtmA9JOuABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTk5MDU0MDM4MjIyNDc5NBgA&sigh=NR_r2luRjbM&uach_m=[UACH]&cid=CAQSKQDUE5ym750k2_mCsxj5_28wCtll85odPlauloa5vM3BTY3ix8Lyqw3YGAE&tpd=AGWhJmuxfF5k_qOF5WEQZu-E489D-bwwz14L5C7D3dFM8D5TPlp0Ha9KMh7dTVDy96jQlx6GpPP_Er5OyHWTcaILtvDrejEt7RQh2hK2VMTfaXOuA4zq17dKbz87vQZ6_PYD1Xfx1KGoZB-3xpfpYRUq5eW3YVtUUG0nFGX19Yyi0ue6tAFsTNc1p82LlUrKpysksjtC2I1GQ0S6WgWsYcl5zA3a32II88mV7ZQNnk4ox6OvbhL7e1Xnj94MabrhchUDm4-plkJ8o9OHiU65sOh9BChWl-GlFCIeXAVNHoYd7zm7MP3Aqi4o9h27VwlI2mOvq2Cw_1xMLQSk2uJiwqogmbUEoJdrnKwNpP9dgQ_AHkNlFo5q3jJj4oXJ7JkC8Blmk1au9putrLOCMuZSzZffBPf5m0MTLvws4VYwDqGauikS2gx5cn7TXQkgXgAhb2n8bL44ZUTUxcS2xfwX7L40KoaFzp2lUz8w4kP9ngGv7jhrS9MGbxqY91gevB86j3qA90tPwUp2URqbf4KpYB6zde5JoEDotcPGMFJaQbGWxF9Uw1y7pVvGaXnhZY78uHmcytU-m-00WmDXZ8pOkOlECkI5JDgUrzFQ51HqIhOFYtaaCxcelOccsAYkkcP4Y7v26FsagNG7d7jqXZXb1A6mMymZvTZ7YwZ92UvbDxNZWkxmphJJY7b1snuIGhm7DF3k4jJ6hZ-RAusYqzCzDtvoh7S7KZzimbQWyQbW1MkAKBfv_ZpY3CzYlww80hbrXu2V11e2VY_-w2gecK26_vsTLzxQDFkMtCIbAORh-MIItb9_dFZxGfaw7yffr6u7PdCCs5bU-j1enSJlVYRKRwkpB9X282NGyYhTTOcSObLEUSvGZcoSFASdTkpz7Gh5Ap78iBE91EqkNjghvyncKKPqEEJUFsWt43blYInW9In26H9NhXFMG60t2A6C_lu4Tr-NnRtFXeJRGaiAjPEt7oFWxIn-4Som1TnsiI5LRaLxtXsxrAM5llZmypLmam8HZIoTXmLQsfeFI1K-ShJROXmW5qYQuIVFRQjqrU5nPBUSP0pxe1rNGNRZjObZuBPlC_1PxW426C1mf8VLi83w4Np3XnbdecB-S2Gp9XrmyVvanD2hd-M

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=250&slotname=9237131191&adk=3628223246&adf=776186313&pi=t.ma~as.9237131191&w=300&fwrn=16&format=300x250&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054757&bpp=2&bdt=3331&idt=992&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2976583369586&frm=24&ife=3&pv=1&ga_vid=1890340197.1681252056&ga_sid=1681252056&ga_hid=1175919533&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3017388254&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759837%2C44759876%2C31071259%2C31073787%2C44786502%2C31071261&oid=2&pvsid=4037929438450422&tmod=491892326&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.koniljq050ob&fsb=1&dtd=1414
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 22:27:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ajk4xlebn4mw Show response
hal9000.redintelligence.net/zone/ Frame BD90 10 KB
3 KB 68ms
21ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=5258132713627111958&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DD_FC0IbmOPBp2AoC6mjE-g%26exch_seat%3D20035004448%26mt_aid%3D5258132713627111958%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_cid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 0042cef1cb1b86324fc3ddd21ee26779bc08092266aaff761f688c4b564c2f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3328
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame BD90 49 B
330 B 80ms
38ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5258132713627111958&node_id=3286&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNTgxMzI3MTM2MjcxMTE5NTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MWw1QjVWYUpodVVvS2ZPaEhDakFwOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjU4MTMyNzEzNjI3MTExOTU4L2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/5LOdu1spIpLMyLww30S39X9U9yI&nodeid=3286&group=cdg&auctionid=5258132713627111958&pbs_auctionid=5258132713627111958&shardkey=5258132713627111958&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MMBD/3.385.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x78, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame BD90 43 B
416 B 120ms
38ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5258132713627111958&v3=651871&v4=4562306&v5=6622332&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNTgxMzI3MTM2MjcxMTE5NTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MWw1QjVWYUpodVVvS2ZPaEhDakFwOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjU4MTMyNzEzNjI3MTExOTU4L2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/5LOdu1spIpLMyLww30S39X9U9yI&nodeid=3286&group=cdg&auctionid=5258132713627111958&pbs_auctionid=5258132713627111958&shardkey=5258132713627111958&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x25 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MT3 776 936c8db master zrh-pixel-x25 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame BD90 49 B
330 B 78ms
37ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5258132713627111958&st=4562306&time=1681252057&nodeid=3286
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyNTgxMzI3MTM2MjcxMTE5NTgvNjYyMjMzMi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1MWw1QjVWYUpodVVvS2ZPaEhDakFwOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjU4MTMyNzEzNjI3MTExOTU4L2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/5LOdu1spIpLMyLww30S39X9U9yI&nodeid=3286&group=cdg&auctionid=5258132713627111958&pbs_auctionid=5258132713627111958&shardkey=5258132713627111958&sid=4562306&cid=6622332&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.170&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MMBD/3.385.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x87, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 5E99 10 KB
3 KB 33ms
12ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=4105211209020265481&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D5bbQuhLv7Ml04xHW-99VDg%26exch_seat%3D20035004448%26mt_aid%3D4105211209020265481%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_cid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 01b56afc5b13ea2bc85754bc06f9c60fbc5659f3ebb9803b28e17f2265b99b3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3319
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 5E99 49 B
330 B 31ms
30ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=4105211209020265481&node_id=3286&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMDUyMTEyMDkwMjAyNjU0ODEvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NkpMSTg1WS0ta2dzbnB3MFdFYjRTNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTA1MjExMjA5MDIwMjY1NDgxL2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/Tg_yDEgggWlhTjbX3AKYOMmOq7w&nodeid=3286&group=cdg&auctionid=4105211209020265481&pbs_auctionid=4105211209020265481&shardkey=4105211209020265481&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.65&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MMBD/3.385.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x67, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 5E99 43 B
416 B 34ms
33ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=4105211209020265481&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMDUyMTEyMDkwMjAyNjU0ODEvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NkpMSTg1WS0ta2dzbnB3MFdFYjRTNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTA1MjExMjA5MDIwMjY1NDgxL2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/Tg_yDEgggWlhTjbX3AKYOMmOq7w&nodeid=3286&group=cdg&auctionid=4105211209020265481&pbs_auctionid=4105211209020265481&shardkey=4105211209020265481&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.65&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 776 936c8db master zrh-pixel-x14 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MT3 776 936c8db master zrh-pixel-x14 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 5E99 49 B
330 B 42ms
41ms Image
image/gif 185.29.132.246
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=4105211209020265481&st=4562306&time=1681252057&nodeid=3286
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWWpBd00yUXpaakV0T1RNMk9DMHdZek5pTFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMDUyMTEyMDkwMjAyNjU0ODEvNjYyMjMyNi80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1NkpMSTg1WS0ta2dzbnB3MFdFYjRTNC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC80MTA1MjExMjA5MDIwMjY1NDgxL2Ftcy8wLzIyNy8xLzk5OS8zMjIvMjAwMTphYzg6MjA6Oi8wLjAwMC8xNjgxMjUyMDU2LzE2ODEyNjQ2NTYvNC9wdWItMTk5MDU0MDM4MjIyNDc5NC8/Tg_yDEgggWlhTjbX3AKYOMmOq7w&nodeid=3286&group=cdg&auctionid=4105211209020265481&pbs_auctionid=4105211209020265481&shardkey=4105211209020265481&sid=4562306&cid=6622326&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.65&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%26client%3Dca-pub-1990540382224794%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.385.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: MMBD/3.385.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x68, cdg-bidder-x141
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 11 Apr 2023 22:27:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DE3B 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=3214198863526157&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H/1.1 200
OK request.php Show response
hal90009.redintelligence.net/ Frame BD90 0
394 B 129ms
84ms Script
application/x-javascript 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=ajk4xlebn4mw&nw=20&renderingType=javascript&namespace=466edf6982&subid=&uid=21a3719764ed07ea&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DD_FC0IbmOPBp2AoC6mjE-g%26exch_seat%3D20035004448%26mt_aid%3D5258132713627111958%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_cid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1990540382224794%26output%3Dhtml%26h%3D90%26slotname%3D3277038130%26adk%3D2222703138%26adf%3D3173046724%26pi%3Dt.ma~as.3277038130%26w%3D728%26format%3D728x90%26url%3Dhttps%253A%252F%252Fwww.tndeer.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1681252054729%26bpp%3D1%26bdt%3D3310%26idt%3D981%26shv%3Dr20230406%26mjsv%3Dm202304060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D3718433483744%26frm%3D24%26ife%3D3%26pv%3D1%26ga_vid%3D954420252.1681252056%26ga_sid%3D1681252056%26ga_hid%3D420147618%26ga_fc%3D0%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D90%26ifk%3D219198672%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759837%252C44773809%252C44759927%252C31073584%252C44786499%252C31071261%26oid%3D2%26pvsid%3D3214198863526157%26tmod%3D247098509%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.7nmdxsu0qy78%26fsb%3D1%26dtd%3D1362&ancestorOrigins=null&random=4526134970989&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/ajk4xlebn4mw?subid=&gdpr=1&gdpr_consent=li&rnd=5258132713627111958&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DD_FC0IbmOPBp2AoC6mjE-g%26exch_seat%3D20035004448%26mt_aid%3D5258132713627111958%26mt_id%3D6622332%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_cid%3D93006435-ded9-4f01-ad0d-9b1530a53fd2%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCC_TB2N41ZL-jCNiU7_UP0ved8A3Ph46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTkwNTQwMzgyMjI0Nzk0yAEJqAMBqgTCAU_QwMSs5QDmZaz8DObfKhaPibuSjce5et_yybymRSoVpCaaq2QVnDjZZWQvPAkM8zxKsKTkue2YeYtOVpCFNdzv6KbIOL1PaySY84ZfolY_rEDlMzs14bWDzTCacb8glTNJZq-_UyBz77Na0BRRUhzaFByan3RV_1unsaA8VszXWXnv1T85CKBJbJJGQWXCXPZQfsI50EVr19e443x6RGznlMxj8P9JFaHMPf6yt-Utr0JYHM4HANHQHSglk7fD1rsogAa-1Nb82ZronagBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_08jZzUFnyu4o0CfDAxj6PFxdRC4A%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 57838000001760300951389012292009
Connection: close
Content-Length: 0
Expires: Tue, 11 Apr 2023 23:27:37 +0200

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 292E 0
0 39ms
39ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=1724737715024043&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A6C 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230406&jk=4037929438450422&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1932 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame C586 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 176F 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame 5E99 0
394 B 157ms
66ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=bfb210e2a9&subid=&uid=73843fc381ef1e01&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D5bbQuhLv7Ml04xHW-99VDg%26exch_seat%3D20035004448%26mt_aid%3D4105211209020265481%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_cid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1990540382224794%26output%3Dhtml%26h%3D250%26slotname%3D9237131191%26adk%3D3628223246%26adf%3D776186313%26pi%3Dt.ma~as.9237131191%26w%3D300%26fwrn%3D16%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.tndeer.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1681252054757%26bpp%3D2%26bdt%3D3331%26idt%3D992%26shv%3Dr20230406%26mjsv%3Dm202304060101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D2976583369586%26frm%3D24%26ife%3D3%26pv%3D1%26ga_vid%3D1890340197.1681252056%26ga_sid%3D1681252056%26ga_hid%3D1175919533%26ga_fc%3D0%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26ifk%3D3017388254%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759927%252C44759837%252C44759876%252C31071259%252C31073787%252C44786502%252C31071261%26oid%3D2%26pvsid%3D4037929438450422%26tmod%3D491892326%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3D2.koniljq050ob%26fsb%3D1%26dtd%3D1414&ancestorOrigins=null&random=8410415369807&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=4105211209020265481&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D5bbQuhLv7Ml04xHW-99VDg%26exch_seat%3D20035004448%26mt_aid%3D4105211209020265481%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_cid%3D94006435-ded9-4f01-9d60-09ea527bbd10%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCGxMF2N41ZO2eDcGF7gPPoouoBM-HjptcwIbZgsYCwI23ARABIABguwaCARdjYS1wdWItMTk5MDU0MDM4MjIyNDc5NMgBCagDAaoEwwFP0MdFcE3QB2hyqmzwmScqidBHLto273JnXaV-35czBgtmJrxTn3M-byo0fOCgV9HzQmNFe3mPcds4nH7oRRTohtmHMkk9sh4CP-igNl7bMvB-C5-QYxb5pgjTP2Ens68TTvz0-vWcpHSweQXWfSYZZ87-Vqeca8K5JVxYRBH2_S5r5k9dMY5EMrNhXfknCj_Rn80K0qNmFUDLbVu0ae_G9F8k8oSwcee8tEA-80OvDqUamYXor1McYfVVGPmBI2Yv8B-ABrz2rs3nwIiOD6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3NN_DT6y3sNWzltRmKv0U6i5tfvw%2526client%253Dca-pub-1990540382224794%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 22:27:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 34954800001793800951393012292007
Connection: close
Content-Length: 0
Expires: Tue, 11 Apr 2023 23:27:37 +0200

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 79F7 0
11 B 34ms
33ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OZGr1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F0BA 0
11 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j7aBjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F111 0
11 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k_ertw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CEF6 0
11 B 6ms
6ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sdIa9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0288 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 07:05:18 GMT
etag: 48472445140208031
expires: Wed, 12 Apr 2023 07:05:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4e02e096b0feb25045e40e4b74ef1c8916c1bac71c40a95aee6d9fa69f37018

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 858F 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 07:05:18 GMT
etag: 48472445140208031
expires: Wed, 12 Apr 2023 07:05:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E99 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a656108ccea137aa63217d609fe978b781dfc6805d50f1a8ddd6ab763ee7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0288
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1&google_push=Aer7DvJBgfXYzBauYClQkXppJl--hL3I4Cciw08tsdIcUTt7cmUZgb3uogqWZ4dYt5TIuLZhDbHNNTnl-Bz1xCusWHa7HnBniGKhAg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDI2NzU0NDUxMTY2NzA4NjI4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1

43 B
398 B

54ms
53ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0288 0
104 B 287ms
33ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAIRQw2LIoT4ZDGRes8rqO0&google_cver=1&google_push=Aer7DvJT3kCTcSudoY6mj4Ny6ERlZ0w6dYNObm3W9q9OFKNtq-7SZl6kQfi9DoRWwaAaVE4f1YBIkCdZCqEQpwTEUfjrCVeeOEWDiA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0288
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_O...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z...

43 B
416 B

196ms
194ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b66a873fe3e9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 549
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBhC9J7xF-niyvGaEvsV-LI&google_cver=1&google_push=Aer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJhDhpkqhjNyaaTd--JWV9350yvU5vi3K2ds9XIObPEGgmJWi5bUy8EQcyDtpKnS5ITmaJV52TygnqN7Fff0S0sTz80t1z_ON8%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b66a872bcc29ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0288
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEb8Xm19BJ5CpcAclOr8yIg&google_cver=1&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT-yuLrfDGGR8k_gag
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35A5F0D751B04D7383A4B1479292D0ED&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT...

170 B
188 B

22ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35A5F0D751B04D7383A4B1479292D0ED&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT-yuLrfDGGR8k_gag

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 22:27:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=35A5F0D751B04D7383A4B1479292D0ED&google_push=Aer7DvL4AxJJoS_py16OodojrIhNLFGwdT1eqxZ81p_BV_nL8FAcLNor_dIyG7WXUawdDgr0A9ii8UZtNr-iSYT-yuLrfDGGR8k_gag
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 10 Apr 2023 22:27:38 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0288 70 B
264 B 37ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEP-zb7ujWyS7FsppXcSuHJc&google_cver=1&google_push=Aer7DvIbtZMZ13d2L0rqZ-feGF0D7afRNTkF0DwT2JxKWuG9Y-wqroFrZSbGgfJP8atYqqTzLIdnScvPuIjjTlSDiwewouMqkbiNCdk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0288 43 B
351 B 76ms
26ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJRQBupkorEiewYejNiLJSo&google_cver=1&google_push=Aer7DvK-O9u6-jYDIEj3Ht_CXWMbcKWRWqftGtH9cZsqqz0LYzwhSWWXvTw0mQ9n6jUvpFJF4q6hOcsfLVM-ZkH_QD97MEMEq928Bus
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=3277038130&adk=2222703138&adf=3173046724&pi=t.ma~as.3277038130&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681252054729&bpp=1&bdt=3310&idt=981&shv=r20230406&mjsv=m202304060101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3718433483744&frm=24&ife=3&pv=1&ga_vid=954420252.1681252056&ga_sid=1681252056&ga_hid=420147618&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=219198672&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759837%2C44773809%2C44759927%2C31073584%2C44786499%2C31071261&oid=2&pvsid=3214198863526157&tmod=247098509&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7nmdxsu0qy78&fsb=1&dtd=1362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:37 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: rqldh5nthq02klsh39chniqfmb15kdm2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0288
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=coJxk66DSJS404jhhZ3KHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=coJxk66DSJS404jhhZ3KHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLFoOSBK7tHW63MdkSAjW_39iFTxF1BwcfVKf5mz0TDNJMMcVPeb_Kf_10skiKGLPH7zm5PtFZH97ksGVzgFYuA56plU6A_H_M

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=coJxk66DSJS404jhhZ3KHg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvLFoOSBK7tHW63MdkSAjW_39iFTxF1BwcfVKf5mz0TDNJMMcVPeb_Kf_10skiKGLPH7zm5PtFZH97ksGVzgFYuA56plU6A_H_M
date: Tue, 11 Apr 2023 22:27:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0288 0
139 B 81ms
31ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1f88UrYZHimZF-pfy3yMFtA3g8UuoDtlkoEyC8hy0AYmvzzxXx_Jn8w-prNnDs2OE14QY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 858F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1&google_push=Aer7DvIn0lSFTaUzE7VkqAa45OynFBxw1WlpmypzaTrs0ebil1Xwz6ViDHhnROWv22YCj2TLMCr9WYWRItNtI8gf4-b5wIhXdR8nSBk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5NTQ4NjkxNzYyOTE1ODM1MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1

43 B
398 B

19ms
19ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPrHZNeagYbWLHbwNlpXH_s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 858F 35 B
463 B 110ms
6ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBFlCpwHNeCH301HHG3wImg&google_cver=1&google_push=Aer7DvI07F5igyyYF1kcA-LVYaDFjN5DR7FMsCLzhvRczx0miHmAOmgvGMDNAcHT19aS1WV168V8NdLOa1MM5w_i15XVA9o3rTIAcWI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUZ6V1VrV0IxUE1tc0c1&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfK...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUZ6V1VrV0IxUE1tc0c1&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfKqwdmr2GvF92HADlPJ2_u6p8qU6APOsdixeqHj4hm4a7wKPxbdOsS6Poo

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 22:27:37 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-771-ga8baae6#rel-ec2-master i-09a32cc2c473a3db5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OUZ6V1VrV0IxUE1tc0c1&google_gid=CAESEC6EbouZo6oprT2fDmNocOw&google_cver=1&google_push=Aer7DvLFt-KhOmjmZ7rKirUzFo8ThoB6mREp41IiD8WzbfKqwdmr2GvF92HADlPJ2_u6p8qU6APOsdixeqHj4hm4a7wKPxbdOsS6Poo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI1LTwVYvNY3S38L5R1zwvM&google_cver=1&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pWcYayKv8A&google_hm=eS1EdFR3Nno5RTJwR1d...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pWcYayKv8A&google_hm=eS1EdFR3Nno5RTJwR1dwV0t2dGpRR1BiR09CZTlrUnpCVX5B

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 11 Apr 2023 22:27:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvLxPWjHy8urXYUA5BEqk0P3SQ6zjSzrKLXjvvHnhXgoT_fo_AuKtd_4ohMxLAI28TdVRnU2xPzTczSYS68xDHR69pWcYayKv8A&google_hm=eS1EdFR3Nno5RTJwR1dwV0t2dGpRR1BiR09CZTlrUnpCVX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEADH2SoLjLXWAHzYzUoxmsU&google_cver=1&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNc...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEADH2SoLjLXWAHzYzUoxmsU&google_cver=1&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZST...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU1MTE1OTA1ODcwMTAzMjcyOQ&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5Y...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU1MTE1OTA1ODcwMTAzMjcyOQ&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNcty3iztEpkzW-awsBxJeBa08

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDU1MTE1OTA1ODcwMTAzMjcyOQ&google_push=Aer7DvLAcc1lEe9A1o79PrFxcAv47a8cLQA7VKPgc8BBi8DDIBBZ1DGyiX42XAvJIGWSVZg8ZSTZ5YNcty3iztEpkzW-awsBxJeBa08
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 858F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iz3nwDPRk-B7f-TwruZ9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iz3nwDPRk-B7f-TwruZ9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIkOvfb3HQv66CCXlhETLS-AvB1NkmACRDysPEvoeAov94lXt3mvJDuBXKxC2uWtaaCr62DmzLk5J9lI6kwoYNT3p6LCL3GdII

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0iz3nwDPRk-B7f-TwruZ9g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIkOvfb3HQv66CCXlhETLS-AvB1NkmACRDysPEvoeAov94lXt3mvJDuBXKxC2uWtaaCr62DmzLk5J9lI6kwoYNT3p6LCL3GdII
date: Tue, 11 Apr 2023 22:27:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 858F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEzmMysMo77uya-PO3PWAeI&google_cver=1&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F24...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F244DOu2N4XPbDNul6nJqE

170 B
329 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F244DOu2N4XPbDNul6nJqE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKimt9UeNwxGaM8WMJuuO49j1hJ_cEvnXD_nZ9LRz80wiIhZdjCHzT41-_1GIVP0ujn68QcSYzU3F244DOu2N4XPbDNul6nJqE
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 858F 0
49 B 71ms
34ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KcXoi8K1EHx4nhOpGD5MXagmtndYrwPgRZGfZhq9guDSrMcATutBG6kAcOGwoMlRV2xAvS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1932 0
11 B 40ms
40ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f2YiJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C586 0
11 B 23ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XvGaVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 176F 0
11 B 25ms
9ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nZ45rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 22:27:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3A50 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=1732632179286221&bg=!VValVgLNAAYIJb0jKCU7ADkAdvg8WpGdFhZ9mo9UOoD2U4ivz5-EXQGN1oKQfDTb1aF303iylj7fa2GQ8n4U4z0tdI0EvbCLMT0CAAAB1FIAAAADaAEHCgBUi6iyLFPRM_LMx9j3KMbOvAbwplIC47xeDJc28-hzTIUcKg-l4PlBgnv0r1pCPtZ-mCOfFu6pTd3QX-zkO9x83ughEqN10TTe9VT0x_SNATW10VaOmQLlzwGAgaiFkcAOYS_LSfwCeexy_XSMXGBVBl7pZJ0ReitYStGGhDCZ26FpCOgTF6E2YV1z1zN2yedZIZsDgU2AG1APHDjK0eo5lEyEoM1Fr5WXWuDIrsLvgDqMosjBVSnq4FsSJwrwiOaAmoHYhJ0VkrQZLU_EhjWQSG1-vrerrtbUfEtNJGuO0HAIzZy2DEeM_ycRkUSlZDwPsnqPmewlV3HUoE51QgTimp2BR4vSW76smg6ZWu5q8wacIPYswcJvMUYX5I-qnaNDJlguZ9ZGqVMOIvIcIuVk6VUEGSdzUAHDphsSXGVgrrUsqFlEkUXwVUajm8fEzSPDT4fAHOPKShk-oieHDLheT3OITDA6teqFDBIP5yGWdT3c3hfwsZMsgw6S-ma79iSRPPBwZFTh5AbICXhRMqt211poHoyRVjWkgjmXBCwJxY-c7lnY3UsjI1jTloUy1Xj7JejmpGFhvArBupo6KXf5CkN-9NkD0FCmaBM8W1VhFe6Gvh5Xr2_wreIDRu6Jy-B1w89XgkvDNLa5YaLsYCmo5MyosKvwosvY02D-NsVNcHIayA2xNeJ68IyYStMbawFc23wgs-gNnOS8XRqHLATIc31uQL6yjF3oTvGw7XwIK5UodlOb9XYyA5TRJXeV4JV2bbKizHwSWEDg_C_3gB-WpuN85KM8xgI53iD8s0LAJ8b1vFlJavpBo7yTYeaq_9HU3PKAtQFpxouTrtoocFkhkmPyQu44lKLxVuq0IAs687wnr7LvesKUV4V-n2rIUf2e4-rek9PR8LEkL2-J6yxDCXnVD9KAbmZ0FJkuyHO5F1J3AoN2qjKgKMMpZWDjLphcb5sfCV4d4J1mck7gzjVlcLti_U-8M-0AmJ1LWwG6mQk7HmW-yPJHugymEgPOYB743_MG8Vqv8p_HHvAHbPAoyb6NXtk5gpDBCQEFAH5G8Msf8YJCKTvGcAS0lc8HF4MceE6vsXGb_QBTcRVR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0B3 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=553665147247335&bg=!RkWlRRHNAAYIJb0jKCU7ADkAdvg8WgzWlSl_ANyEgJTlvXMMdvUURjz-7E7FGcMd0H2AKEkuYQjjiv2T4A_hOEX_RwQUXe5cAVYCAAACMlIAAAADaAEHmQLsQMkFVttwoWKcqfytLN--CN2SxuK_WbZBtH3AmmgLqtSxmHWvcjgYFGDTsgO1dFpesJky_UHYoAkkoffHUhDo8HiqMBcZAw2xGkay2bV8724C3WVh2YmA4GnfjrVbb8AQDkOA7h8lT011H4qoN8znpBIS95bEiDNM0nApXglpZhmA9UWaNTgqMon037upPmFVadU4A5Nw7kYN0DD3YGA8EFr7seq3gemgfmi3LRRtvkjtrvkXQJm2Vv4DssP0sswbOT9GJu2HNhxvge4kxR2f-y9vIxb6Lw4KaCbAkAVtGfJWEcY_jvpt4_1zViEKTnDtRcWSFZqnpHF4PHy7KiwfnDnSp0XU2Yfgngyx6UEZRVUCCSCr7DF2Wtn239q3DP80MlQMVCCKe-_JKwlh9K-gqQpfwoCdm8JKGeeYX_2irZvhPWZTyUgJ269oG5FGVyiajiINoBcY1GSqhE5V1YEWWy4vl-hMbyQlc8WHaReBtwJDE05Ewsg80QUD2Yiy5M63ygl0cjiO7v2ODdq6L9lGOPsbdpMw1PrTitH9FbfSXxmczmi3u9bFZcO2mr0fTtL3wiG3XGL4iTFiCqZP9oX9HB6cNeLXLWDDsbGys11nEDeZx0WrUgTuzF-lTKRai_EJe3O_mMOrP4LL-QVWUpfN0FbJD_O3i8WQ9DfFAh2mAkspzGpwsDIbhkAJXmz5P058GQg-4DynRyTUbyWrDLtsb8HbRY1rQ7MA61Czh4uK3wHs-ROyHq9CO40TxpBztb-uwbihZh0hkpUG_U4U7xSd25tqm2P8s2LNviCqoo8_kOm1xmwAAI4-IQSLIqgCG7KbzXFvv-rTL3kaCenPhNHfQwknCb5d031JLRYbHcnBAtbTWtaC6n5Cf5x7uBl6l5-ZHRPEfa3BCPsboZI9TfNAvFrIlSH2RfVejoH8TF323-zQ6xc3xFks6CT6xsBkfAVWjBOUVO7SFeaBcm41tMB33Ufjyg4Tz6AxZ44f0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1DD3 0
0 43ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=769082398379340&bg=!4uGl4bXNAAYIJb0jKCU7ADkAdvg8Wm_wsrrJUhy6BBGrKbk6xyNsIui1KRHJF3gKZRl99KEKsjkabiEapp5gn-tAV4Vg8Am3wOQCAAACLlIAAAACaAEHCgCciWa-I4g5p2OTiniYmgCraGysKw_NhvQbw659LmgzYEmON9EvLM4fuZUkrV3-YEyNb0Icxe38YzETVBamQGllhzWuSRKyRl8XhIoVCs55k2X3HCgKa5MAvpLdYD2t4c9fgruH4BWcZNn7jBTbFE0e6PrtDaGFDiigYM-Zn3iGzbTuknXcncfdLmadyJfEmZBeiGt-eBs77Qy_hqrZmQLpMMfBS_d3rzZUHthrOSRDPAnDKtGkXNB4_R4tFGZ4tLQQVaDJD5EHXOdt-jQRGP40z-lfeJhVIg8RdITJCr4uYzGO8hb64REfqUcKLrlIpXhz6rGDkUK6oqg6DyeULm9zxzpmZG8TEDj8Z-edZ7P45biSlKAXjWqqnwd0Ow-CB7FwUchhoZyijZNCG2okTt0q-EkUREn9qeu2qjrIXOaV_qL7V4u3MnqbhWDlrm5tQ4nizHxtEebnDGbQZmye0PwglEKGCU1_pbiZkiPWM48lfxEeo-q2N1HYhjMudbio-tPPIq5jqLER3ZXsGMFTAMH8EpWBPjK_y_ZF4wICOZvBO86SYF3MFwtXIhhV2Xdk60ZnkJWxbIeackz6xRyXNDd_lanwi-2NoJaATS7ED98VhNV705j6f7YDCe0ohSUb4Qu6nRTEnE4lk14SvT-BryylNWW1XlBDoz4I-3G9G16gekPrJgIMsAvb83c4i80aW2VBD0fbctZ5ZGTvL0JGKUqOZ_JzCmMMrN9k8iZ0sI2W4XEIrIk_GtfXpqeBKM4qGW53YS5LCTohJcSeRkBaj9-Tde-9SvoJsfg-kVbEmbxSO04_-NzHn8gjZhWxY0tFvo7AgbbsX81AZDIrde6CaYhDmZLM7ShY2Zeqbcu47-2pPPdAjGjL3JKI2R4wCUDuJL_SySdR5taabuvuNPhJk8uxdDm2VFeP6lXBgz_2iNPo7G8sW8oLJRXLPAOsuYzTTmI5TbhbdcrnAXY116dY2KFbwssRzJUi1d9TIDw9dymPuR200xJxLNs8M4850H6nhj2udgpgJDO6QGygyamwkQp3R2O_og3OiOsv0seAh4_TIC52NQk4M-3z-SJziVeFWk1ZvtUm5hpOCFDQFm3psRWlo6e3rUoDuN8GKUWd-o_QpinWkEYmmMbBNP6MeAILfJmYUCZUbObvdTSDVeK2ceX8B9MxDU3p7QOSB4ExlgD5KZCETcPfJqRKYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D643 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=3720251294834545&bg=!r6ylrPjNAAYIJb0jKCU7ADkAdvg8WvlZXpF0PJUnH3zw5t35laK4x6u59T4QpScxArs5nJKqqa_NCj2favguU6A1exCOVM7epskCAAACGlIAAAADaAEHCgAzIeNCri_mYBwJvrerCZjL-8LBrwihm5UFhXWS5IFmnutqnvU8IsdkFDNk1wsDnXQP_PHjmQL1IEk6nAh4M2_zwdYacjP8Bu4zkkm4JxkGIzU--ZKhPrBzvlpdpRzPyHTtNPeAIlfFSboSfcQaPir9iE3tQR6zjcYWXaBnzxFeK5n58HJwvH0GwpS0Hl_8eFe105tWIgUsDPnVyQQ9isi6s8KQtDKUH2StJjh15iJXAAxaai3N3CaAYo8h81qDMBpdzjS5gZ3cxbozdCEPAMaP-vQYdXHrck5BCoylrGFPHgxmkSAj2GiyefCTJTlfZEdOx7i5dJEnq-8PJ1Qy_XxvIIWjcqSn9WJiGgRSnfbkPuPI1ADLduuh89uJE-Pp-JhUpB_jWtvu9QAgTyubqZkYWWaNoPP4lgoBh-GkhHIaiAnkpZiAPH3Z5Vhh_lkG97OdSqfMqBFWu5Hu8PndeOGwwSc-Yuu9ifS2PjLj7yQii_dtTtni9MsrJGCLQl8R7JN8gOH5eA-nwIV2CiHHM7oVfEr2e9TZdReca-PxSqabmq2RYWO6fzz31UL88pJsW9maMqLoZURwQH_sEv5XavL0uNVUZKyWgYCBbBmuWAuArC2hbdFY21tOM0Acss_x3gVzwzp10E9UJuZ5WOd5wAAhrGkp6yjpg4fPUVK3WENw4hXpiybCmYryZy-_uJWjeJyfVAgbOZagk0q2DhwDCcrJsvRzFDLsHWQ47AbNO_rb2CEYWjB_g_29J59uDEhBgeiskHHGM89tOEL9KcPlYr589k9amfpgG5UVWi4hl5v6y_f-Ab99ixSuIlS6_DDLhI2JF0xXzBJtOf2HgdzjDEGHoIFaC2-ldm5Jt-ff_e2H_6dHvWH07iN8ZkqCjRCIEIDy7T-ZCuMs4chrB5_t0GxRXZB8QluKu8Vjj0nM_X9ehHjymyoicaJm5rekC6YSJdLtJlRVINVmgMEyJf7oV3WTKgfuujSA2gccOpCET6xbaozubHKzExpRLVnLDN1BvLVZDJaC54AtCtdeyPNoM2hD8LdpcBKBYcJVS9sL_4aQS5wPnHHsx0yzusXpTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3578 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=3214198863526157&bg=!p6SlpPDNAAYIJb0jKCU7ADkAdvg8WlyeTJs8XcVJpHzyFqtwT4DLS7t3WDbA0mfMpkBxHdTUUVd8R8iATsBCS4FStE_ZOd5F1PICAAACTVIAAAAEaAEHCgAoSXFYXO_HqutOVSyH9KKGfzm5MdXqJGujKAGWbK_yk99CVFfWa06ae5kC3BGz8TUfQSDiH6AiFZu7t_hsA2R9YGHb4cFm8dF6FTyT4JNJj6ngdMLpJYl18nRuImmlXTqGqplk4jl7qJP9SvqUDu-Eu5E34L9uSKMKV5aVvGPL8fFmH6O1FWymscX61UWNfh2pzNqgdCKGGVk14DCp8DBvyhq-x18x-xHY0mit2Y1uazWeFKZngD9P57z6qvCByC92H0oW1eOn-4wUzeUb5VzRY0rIbc2jdMH-IYsCtqdURsyXbcm6qj6UsYlCdrOzGBf9NY2sdWoWNbd4cgwhgf7wc3AY-Q2kQkggApdYT_LhnojshYvg4dYyxTCwFadgPZ7BKQkmc2GM56sQlK-reMbKGfhpVxNP-JySusPsGwV3KiMCe8n7ENWnKSSpPogrFiAAIZrHgsHiEdiJWRmNMq6cHppmGsCACmJDUDVWRfjgFUKQBen23NZKItxl2ySU9Affnr_LIInfuVsz9gVSmHscKdE1hEd0zVHzNGpqG7F3VZc2V_oe2ttU1Mo-4NnutbGVr0QtLOnR38vaR5r0cRbqxMCVLzw97CkuDPKlCzqGTEGzrc608o03Pnqwef4U6XWaSUwefFFRxlMw6bBbgCI7MyMY1K2HcnrK_-1uqNMBggmr7mzq7Yxhm0K3XRyekWU1POgTE2j9poSPVjQrLl6EQMCfDsKHy_LD0-VelbDX7PFMkESuJq2PAN4cYWVFlmt2lBURDsZZRNjOG_B0euzuaVhnFNK7_rG4ZE43Qw6i2-Z7zWGFYZF-ys72LzQYYf5GAZ0zvJUZhGlzh5hRLt74Ip7vhYVmOBFRVKkWzjotfEbTBPTx8DbNCpIwktgPXnku6NzVMjLt3WR5_TfpUym9rfdMy7jg2uX_DtIyyzQKgawFHpegF70w4bLNtBo0JNbw1WTJWynfkaiSV0joZQkX0MR1ULmsME5g7vVnPO4zUWx4YS_ERGsUzISw9yY1s0dFkF1kn07ciA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2043 0
0 42ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=1724737715024043&bg=!iIuli9_NAAYIJb0jKCU7ADkAdvg8Wo2UuBTYCn0X8jRUyYynYGE84E_JloSQfyfUgIUFE7PfLIazFxGswulahOopQyfVLJY6EnoCAAACS1IAAAADaAEHmQLpNqTIo6ZuR77rOdS2xvDrNn_MOyijCIvBsZs92Mk7K7QRp7k4ASEwekJmZGTEbkUG1IUuJUFcQxvHdOrn5yJmfHCSVfdWFx_8RXvGyYOw7xIzrnntnox2zB8TpMZY34FVc2wONltuYgBma-mLJ3EymMBiAfLRi3DjdFJjbBtc6VpIS1JlgmNaMnb_bR0wghQqoRlIGoVPOgcchSLhnf6ItXd1AWxa-9i6JM1ul6pXv5NoeehwMtyMiHpFfr0SCN4hmKS0kH-XaZWlywpkylXEI0hzVuVQgf07eCuARX64tsCGzP4VvHFZ3_1M_Xg0XArtXheEe6v1_gYad1LdGUji1VL0Ff4Rh2dWc5TecAxXR8uPf8A_evQfRO5AB3uoowqvbMMmfcgcz7KtEEY2DzHBEczN6Fz9DagfYpCpx-N3oaD5AjIt5_zfBaxdTKKQi-YmX1TSO_GKlygJFPllOalml5Dwfukazig573Ll1AiY61B7Sk0Me_VBSN56LVnuEDZRJocX3tQya5AdQvbcrVwG4wzQnCMdKrFwrq3X0RLvfX8j3rHjyA2t8NSb28hMIXu1WoPNXQDpBzTfOOqiPIjnN5wjb158nu38FObJeA85Xsi0mshK2NHZUbTdtFQfeSW4vzNpenx_IrnkmoDzxoTWKmHPHkP0TYHRJ7CBaKDIz0g8A5-uEnVfc5HQ8noV9a3lR-8uS7q8tFOFmVu2QW_g0-WW7HSaktz6Sv9o2FxoAlons6nIl0PKXjaeTnesjQIJoeb5TSGER-zFjsd4B0xG82Kmkcke_4zGcw6rW9scxd3FXa-RghKs_wsV2X1mGaShy1fuv-Ft1yN6-3U0KfopnzrBkGf96VxmKFhNFPHWV2e00AiEBkDYxdAuPsgsJzxUSFFz1V9EUvArdJOWDlZBfroP-Hrv8Z395X-pnKnxsjm7iTm96Gqy3-Tb6MeMR5sZt1m6-Wt_zBQv3F6huPngEDTUz8u4q4LY7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C9F4 0
0 43ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230406&jk=4037929438450422&bg=!MTKlMmbNAAYIJb0jKCU7ADkAdvg8WqrrOHA4k1hEss0vv2ObklWI5UlXX4NWEtA17jHvcnuOkUlRabTw0wd0gCuQJbID1EXstvECAAACdVIAAAADaAEHmQLzGRbDxv6t1sQ_lDNuQrP9cf9XBJvk3FPmVHM2WvDCxKq54IPhpxGehg3yqkcUtXzsCnQttC1aUn5q3ftQ8pnkXpppuqVCyhxuOw-1eMCPfO9CQSaaC4wcm5rYHNeeZ0gaNDt32z59Z7PtJAzprNRRL8mYL3lebHoXVM7g1kVPUfbiX1DbKuRer1GkaDM3XSW3j_OtRDlkE329u1qtmyTwFFYhNrp-QopXQSk41FTWiu_8erQ8tIN9YX2gAm9ISa_qjDI18tkNRI4syGj8hP6IgWS6qb76PkPBt0CnWAfsHySmNvqY9BMX8Hr-L02qgDVIyVhrBcKjQFeEcVhbzKVZ0uX2c7NAIvFdfLbv-PmjxEuN5VGq93_BsI0dqOhNdnIobp9Di1tZg14s8wcHe-ceyDpZ3RoMOnaz8evrLF6Xg8S_dlLT_2cfCVf79C_PUKkOkWbdTqZa3Rs3TIhs2mmRsLo98zApum2lsrSn6dLorK_pcKslBhdOxlz27iCl8wl1s9kDiM3cfZpxATFS0R4PNSlg5hkvasrclJ0BUmRZ1BwM7874NNlHXuLWqphdHDInqRw8qrQU0Ppm3lS3wxqBgngjJR3OUzE0I-_k-7UG8Rat64hzy69J7-qC33uUv2VCKIetWTg2Kys1tVh_jQdQipAcEv9L54CLLNlwIvL0OM1XnEUnHACBKQ5b7-ZDh44b3p1TmN92GcPbmBlY_QlazSe7XYS2MzmLTRWfdQOkLjdGsv0WFIDWPDTgqswQnpTIWzGm2LoKSBRK1wNXlAdhbtWMuJk4He7YcvReVW5NAnB7HT0c_04vVwWRLSI2Jr81LQBXJiPzPxzfWbuHwE2znM5yt5WRCUZFILepUwVXfWqPU6344U9peoUbeAJsPhY_N7W-v8r9snJDGBc1rzg-QEQixSVDMEg1cBJJgfnntMmPaZ2ACWpvsIgYnn_6ZsdPUOg4yqajeuqP82FP67r2qOPwLFCGD87JjMd5UbCAbMv8S1I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 150ms
149ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=6696&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc6&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:39 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 166ms
165ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=lfcgAGsvshrCnBTygASCltMOABffFirG-FE7fPshldVrlKDwe33LCFkrJ-E0zJPc9lYlvgNQ==&pm_ct=052cb64bfba5fee4f1d0144a&pm_pl=1681252052866&pm_td=6984&pid=1000177&en=1.1&callback=__pm_glbl_5XmDpTID572eIJ9oYz9AwwAT._gc7&tt=opt&v=6628d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Tue, 11 Apr 2023 22:27:39 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/sync

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tndeer.com/	1970-01-20 11:02:18	Name: _gid Value: GA1.2.28373760.1681252048
.tndeer.com/	1970-01-20 11:00:52	Name: _gat_gtag_UA_90928980_1 Value: 1
.tndeer.com/	1970-01-20 20:36:52	Name: _ga_CBRKLEJKHZ Value: GS1.1.1681252048.1.0.1681252048.0.0.0
www.tndeer.com/	1970-01-20 11:44:04	Name: _pbjs_userid_consent_data Value: 3524755945110770
.tndeer.com/	1970-01-20 11:00:52	Name: _gat_advallyTracker0 Value: 1
.tndeer.com/	1970-01-20 11:00:52	Name: _gat_advallyTracker1 Value: 1
.tndeer.com/	1970-01-20 20:36:52	Name: _ga_4QF84DQQBY Value: GS1.1.1681252048.1.0.1681252048.0.0.0
.tndeer.com/	1970-01-20 20:36:52	Name: _ga Value: GA1.1.2134955441.1681252048
.tndeer.com/	1970-01-20 15:20:04	Name: _pubcid Value: 2f82a092-e2fc-4551-8062-2fdc72b2f383
.tndeer.com/	1970-01-20 11:00:53	Name: __cf_bm Value: M8OCCah140ghkwlZXmT2Ijhk85wQL4j97FirenJLyWo-1681252049-0-AdVVBR38y0V+zGLra8Oh/Xc0nJxXo5XQSbvVFtm1tJpCvF+vyejow6qFZJBnf1a4PWnKPkEpNVilEd02LTm+aR9IpBHDpl5ssS8Ua97voneU9NSJrrGIhslmBf7U7eLmfw==
.tndeer.com/	1970-01-20 20:22:28	Name: __gads Value: ID=a6e16f9e92d65e6e:T=1681252048:S=ALNI_MZG7cv71ly9uMp6OlVN2Lq2xgMkVw
.tndeer.com/	1970-01-20 20:22:28	Name: __gpi Value: UID=00000bd4f3f1e73c:T=1681252048:RT=1681252048:S=ALNI_MamCDQX_rOwTSPyfXxtGI-dTCMStg
.doubleclick.net/	1970-01-20 20:22:28	Name: IDE Value: AHWqTUkjJ2eiN-uB_OPlhIQJgZGBEnrBqhAa4CA2fMebaqvBkm1hD4tw5qwR_S7N4Jo
www.tndeer.com/	1970-01-20 11:00:55	Name: _lr_retry_request Value: true
www.tndeer.com/	1970-01-20 11:44:04	Name: _lr_env_src_ats Value: false
js.ad-score.com/	1970-01-20 20:36:52	Name: token Value: nvQvxyLUsuZne-zkcm-PAyydvkUEiYVM
www.tndeer.com/	1970-01-20 12:27:16	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-11T22%3A27%3A31%22%7D
www.tndeer.com/	1970-01-20 11:02:18	Name: pmtimesig Value: [[1681252052893,0]]
.tndeer.com/	1970-01-20 20:22:28	Name: cto_bundle Value: bkmnlF9wVkRObHJFUlBZU21jYUUlMkI0MmhhR0pNWUVvRFZVeXgzNTklMkJ3TG5Wa2RucjlHUU9aYTFZb3hETHhUVmhRbDE5V09idjEzYUxWc3QlMkZqWnZXd3dvb2dyeG5UVGhuMnVROXMlMkYlMkJ4WnVUMkJab1htJTJGWE1LSU00RmJvYkVMRlNpcGdBWg
.tndeer.com/	1970-01-20 20:22:28	Name: cto_bidid Value: Q_MMh19wVkRObHJFUlBZU21jYUUlMkI0MmhhR0pNWUVvRFZVeXgzNTklMkJ3TG5Wa2RucjlHUU9aYTFZb3hETHhUVmhRbDE5V09idjEzYUxWc3QlMkZqWnZXd3dvb2dyeG5UVGhuMnVROXMlMkYlMkJ4WnVUMkJab1U0aGdTUTJEajZOamFIbnoxaFhJZDQ
data.ad-score.com/	1970-01-20 20:36:52	Name: token Value: qxOAYTidfzDol-b22k-fLCXgpvJZYuUx
.doubleclick.net/	1970-01-20 11:00:55	Name: DSID Value: NO_DATA
.mathtag.com/	1970-01-20 19:46:28	Name: uuid Value: 94006435-ded9-4f01-9d60-09ea527bbd10
.pubmatic.com/	1970-01-20 11:02:18	Name: KTPCACOOKIE Value: YES
.w55c.net/	1970-01-20 20:31:06	Name: wfivefivec Value: 9FzWUkWB1PMmsG5
.quantserve.com/	1970-01-20 13:10:28	Name: d Value: EG0BCQHdKIEA
.quantserve.com/	1970-01-20 20:31:06	Name: mc Value: 6435deda-1d411-ccb0c-57edb
.simpli.fi/	1970-01-20 19:47:54	Name: suid Value: 35A5F0D751B04D7383A4B1479292D0ED
.adform.net/	1970-01-20 11:44:04	Name: C Value: 1
.yahoo.com/	1970-01-20 19:46:49	Name: A3 Value: d=AQABBNreNWQCEADO1izICtwbFv3skLngDTgFEgEBAQEwN2Q_ZAAAAAAA_eMAAA&S=AQAAAg2-qS4qcJZyNJ2MCWg0ERU
.w55c.net/	1970-01-20 11:44:04	Name: matchgoogle Value: 5
.pubmatic.com/	1970-01-20 19:46:28	Name: KADUSERCOOKIE Value: 72827193-AE83-4894-B8D3-88E1859DCA1E
.adform.net/	1970-01-20 12:27:16	Name: uid Value: 4551159058701032729
.turn.com/	1970-01-20 15:20:04	Name: uid Value: 4267544511667086286
.tribalfusion.com/	1970-01-20 13:10:28	Name: ANON_ID Value: a3nseFM0ing9PBmSUT9ANkMcU7Zb2XsBleD4sZaUpHRPUXZbX5q3IZbbkXuNS6exWCwHanK2eHy3TtVFaIkf9dS4

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tndeer.com/login/keep-alive Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://tagan.adlightning.com/advally-dildymedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	error	URL: https://www.tndeer.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.tndeer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.tndeer.com/misc/tsi-campaigns/popup Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4f23bdd2016d4eaf4253217b2d15aef5.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
api.rlcdn.com
app.convertbox.com
assets.revcontent.com
c1.adform.net
cd.connatix.com
cdn.adligature.com
cdn.ampproject.org
cdn.convertbox.com
cdn.revcontent.com
cds.connatix.com
cm.g.doubleclick.net
cms.quantserve.com
data.ad-score.com
data.www.tndeer.com
dclk-match.dotomi.com
fonts.bunny.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
hal90009.redintelligence.net
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
js.ad-score.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.mathtag.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
pro.ip-api.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tagan.adlightning.com
tags.mathtag.com
tndeer.com
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.paypalobjects.com
www.tndeer.com
yeet.revcontent.com
api.rlcdn.com
trends.revcontent.com
130.211.115.4
138.201.63.149
138.201.63.157
142.250.186.130
151.101.130.133
151.139.128.10
162.19.138.117
172.64.154.204
178.250.1.11
18.66.147.50
185.29.132.246
198.47.127.19
2.18.233.201
2.19.228.187
2001:4860:4802:34::36
2400:52e0:1e00::1078:1
2400:52e0:1e00::1079:1
2600:1901:0:8344::
2600:9000:20eb:4600:a:deb0:3380:93a1
2606:4700:20::681a:4e9
2606:4700:20::681a:5e9
2606:4700:20::ac43:47e0
2606:4700::6812:19ad
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9a
2a02:2638:d::d
2a02:fa8:8806:13::1400
2a04:4e42:a00::282
2a05:d018:d29:3602:4dc4:1acd:4e16:7f78
2a06:98c1:3120::3
3.125.125.26
35.186.253.211
35.204.74.118
37.157.3.30
44.208.38.30
46.228.164.11
51.77.64.70
51.89.9.252
52.223.40.198
52.51.126.33
54.194.225.26
54.194.226.232
94.130.102.164
0042cef1cb1b86324fc3ddd21ee26779bc08092266aaff761f688c4b564c2f6d
007338ed62c84fe33708841ddbbd1cb1c9865d6391cc0d7969b02540107d6d25
018e41d12aa93349512c485653da52c218c2e0a6f753c4d8a561fcef2d6c7dd3
01b56afc5b13ea2bc85754bc06f9c60fbc5659f3ebb9803b28e17f2265b99b3c
04bb07a21f9767d30db07170b11cb656adbf2561bba98a6b43e23ff9858cb272
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a2cf52565b28d349a27dc85e1861a31bbe2941b8b9bda324328f81893504e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bac40fcd98ec7521c58477c9142f220b5158d6635f616d37a7aca28e92b1c10
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
115e253629c13deb372405b292cfd71e59adc06d2e7aad54151d5ccf2f0f8626
140f9d0084e313f4256de5a079834bfa0f3f61e87db88691493f2e8da081b8f9
141cdf9bbf78ce29430490c73be6fc73761545f8ca3a44b1bc85a0a6fa94c28f
1547901bfba4301e0062fe6c145ced826ea28f8ac80ad1308fa7ac7877b1c413
1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e4b00dd786b6b04cb6d58982b5988e0b420661c4397a6c47202c4f445735dd3
1f5aaef4cd2310936af3ebbfc642f3aa055dac6f44e97fa295b8374212b20fab
1fb9eba0f98fc3a5c9cfa55a0c43ea1d24c5f2e388f06612f404e09fe83fcbc6
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
2262d50696110a18e87fa0ac8edb8b9860bccb89680a5c04bad6a5246892090b
24e884826b5cd569ce84c3359aa45f74b5f2fc4ea999ec5a351f2f654b024b18
2673204b01725c3f1efd0e28f0019288c0aba1d0aa6bf7484a1ef643747dffe0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b7e64ca3c3160d6de399420225047b2dd70571cffdf23fb727b1049c7c26e44
2b8a10b9346fd2cde25b5c9f74777e5ff5ccc9b38a220dbdff92a168a801a768
2cb07dbdcdba264e6205080da8e36fca06682b0f31080e12d9dc36b32b5b41a4
2de6cedd3c6f0abcd4d9335d96fdd8d6d36c843139dd2662fd0e9cf23272ce65
2ec3104b3bb00345e3b121a9f33f4bd0f9d8494dbf41302b2584dab9c6a71540
2f1b0a63f06decc2aa0f3fc0ae814062bf0d45de530314b838ddf3acdeb7285c
30fbbb674b9b7ca70ef66cbcf6b67a0a9b500d41220f8128ff73982e70207e1e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39fdb490d80c02dcd0378af006d4be12e4c781bb1ec561ed01910a3ed25fd690
39feacf74c9eb01916c84b3ee9cba7caa19aafcdc0d89a882157cc2a3655c476
3ad97ec0a60356171ca41970ac74d95c9f68f5f74c260db0e2490bd5195bbb8f
3bbd6ba4e335f68e6560bd5f1c6d57b3b1a72e665319bc3754d24c773ec309cf
3c1724d0e0546a35d6b35d39aad7cc66c49560de978c5e713dd275b81b420bac
413704b91a348d7d683e89218da6e9d4ed629831037f6911bffb25ad77fdbbfa
42fce8b8b4d2fb7383db4c88e1aa65f0f05a9cdb1b6352c811149dc8ed342c74
43d9df720ad08f0e48d998a869c7b139fa18efc69833c50aab55bdaf0f91769c
4410bdbb21d2f1f8e1b8765df9dd205506412301a8588e1c90967e98588416a4
44a656108ccea137aa63217d609fe978b781dfc6805d50f1a8ddd6ab763ee7ec
44d21155299f7586529228bfb9bef99d121ad611a2c9496aa544f0ed1370f4ff
4643a05e2aa46f5c134a7bb92d2fe589e0971c1f32297cdc63f3ce0f1bbe25c2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479715c4e97007450753dc7a07212bde9099e37920426a6299ff0307887b5f75
47bb94fe059f61b77d91dacf179c1495ad3bb442df65b776e50fdba41342c6b2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493fcd04dc5b6aa93647eb988ea0eedc3f590a9e65df25cab2e5f9331e092eee
4944b16bd9bb4490487e6de5e9f5b5747e684004c357f0f21de6b860c37e4743
496070d4e9503642b0ec489d7b00d6d0f1680d0fad5b6d0cdafaa482ab1a706e
4b44218b6be308601a7d61b3c317e1fb1db52b1376c5dc165bcee1bc477fd788
4b568787e6f4f8b7621e1c9b5be91803989e7a431fc62654499958e60b651c76
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e502892e02dc38ef4956c235d47141e2d3ee7ba8fb8ecc2b714e8aa23afaf24
4f39844dd00ab127ddc7b65059413443960ff179f951581658642043ea33c900
53f1b89fee65be040516da2e87134602f0e76b8d5f0fe6ba30bc5094f558cfb6
545fbacd3b5e548f9b58d7e975eb6863c07ee13515dc13181a5e295ecd6d86c0
54f402d42225c98ede613bf41d0aefe030e921fd8c7d9f30cfc6a93d4db444b1
55035c8e1bf91b46dbaa3e38e88b196fc198dbf0ba6ad73dda3d8ffad5ae2c4b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a976dd0766abb7dbc725d97cf1d83cd67dd5b776676612293bd53d9a2d01d9
55d0de157321b2532505e3a135710045ca52f2285b545a57c55663f5553fc5dd
563d12141db74e1f0b132d31b435b45a9f11ea127d1ad7468cf926353e1d5cdc
56c6333aafc87008cebf7f79b09ecdccd506a6bb3a59f59f743171bbbbfa0fd7
58f56cdaf7f32a5b59c5ebe36301957e8eb03efe748026b5d6d2888ce9df56ca
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59d95b2ed132235820ff25361f187e4b76ba46889c15b329fad73678cd044e08
5c82f2aaa49e931b60ce69392e662d200ea6e24eacdea2bb2ae6f5eb96e1151f
5e7f16d5126b253fa5e9cd3d38620449bd6b5d80d8c34c3bcdee96ce57f3a88f
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f03828fcf726a934527a165172d68f8798b73e10bb72022aa40ab15ea821999
5fd797e52f79e66e8a6ae6b1d23731acd0f7b5f9ba3db95a7425cb7f56cd150c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
603c838369e0566dd77578c487aae5bd8ee4952b5bf5d0261b3dfa4e5b1667b7
605ba316f4ef6a7a733021106ce12b452d1f0ce609e121a3f9a89c6ced5e388b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6650d02db02cd5eefd381c4531ebfb416034ab56a6588d2b2a607a51d17c16db
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5ae0b28fc233065c3c3172e62dad39866d945081f110b32f953a07d11dbfda
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7025af237e4fbfbe30c03acf573b1ba1bf333b92432815563a7f9bb86edb84d0
745e6a96c11470ed5191bcce4d909c8d418cf7a97bc57f4f460ab6606bc91974
74dca99b970d0012419a8f128d49177cac2cd4c59d8dd9d39d67bda7a0c009a4
784a151d62ab9bcdb51c09af52a256e8a922d7a9119f5932e12f1e00fa986bba
78904ef29cb7588da244ae80a1116a5376037ba21a5c1bd75f54f352a9679c1f
797b78dfbffb56adfd5bdffee12f82a7eff5921364d37926a1853ba2a4288dac
7a31995c7ac671e2812d5ec2a695d5cdf3a637338d0e374a8b31568ffc5c983c
7f3502871ebebf767e2dd0ff47d71900de44c714070e83de2032bfb4d8fe2a19
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
86438519b2673d8427894d0f29703c4a502a0b2165524bba780b2f26d2a9380c
87cde02a5093d946202e8ca4849c9ec3b1fde00185b67a1801fc7b1dd21d46a1
89b0b16db8325b2c6db9a0f68eabea4c6ffab4022ee31fb5ea6ea64a2b19b0ad
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8c75692f74be3ed158752bed494d66b68665ae861409f406e7608ad5cc30fb1d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc8af3452e5e9acc5dc0096e0ef924166b6ed4ab1263e09c4d10e8832d33732
902b2a36a56e330557f1eb88e3d406a6a454c0d9e5d810860a11172f966f9970
904af0bdf4b9b3255993bd2225ac18c8bf2bc602483f1fbf8867c126e39b016d
90673657283ef068c6e5bad09dee26bd78f4b2723db402fca02760944ec3bb07
91503170d21d69ec143f4a373e54a5805f345ae332503cff548d5a48076ee0de
91a4d901b61a93fbe16ffb81d227e3ec571f735fd432f6f5ff4628d02e50fd85
92aee619311d0c7536acb0dc95cf6677c200d046b3aa07ef2662e8b18ed00d6d
93b6a709b2396103ab55cb16ee376f3520f1ea4e20e1c54508704acfbafefc98
93b8a85a40226b629c5190b22df697fac10a833a0d29d11d483ded82de0e1ccf
944c70657a0c576b8a52df913b7b6ec6e69b59f3f1912494311c73c0c572389b
94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9a0657f90ad7f91b3b2d808a1895878d750dc14229ab42e8ea7c3cb85ad70a10
9a49077bf1dacb1fa6ffc4357abcc3c681e16f6f3253927bd6c566ea5c2a8815
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb37ba328d5c79a4c56e52abae3c4decf65c6f6e775702d2ba71632f9522bd8
9c3a5247c27c9025fb8e2c12b2cd77255c02822a26fa26a90c7ffafa22082a3e
a00e016abe0e86941f2f7e00a4e4c9d59a5409852996f90b728552705a687a34
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e1c37da098045303af8bdaa18a04274fd47637c5bc20da46f8b8b48a8b72bd
a3383f90d48b25088217112ae1eb1c2b148353d20929f9fe18c3d5ac8f85df6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d0d3abf73a800df65bd575abb6f985b4da321f8f07b89e7c75cb386a102e6a
a6a4c603c74f514616b20b72f4dc4163ab8eca9e1addb4b66e491104cfcb6d5e
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa68e17fb13028f96c0d5b38fcf7006182894eb694625f9dedf5824d5066a5f0
aaba3136d2672accfc40ee820a19c23749273ab60886eb733f918ef2935a461d
ad579a22f6baedb49107f0d0ce2e9b135f8639e89fcaefdbe35121e581c6e639
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e02e096b0feb25045e40e4b74ef1c8916c1bac71c40a95aee6d9fa69f37018
b5a06a61cc91207a0766de728cc62f1bc1c987a5baa2155a542248a6ba0d97f4
b5ccc9d852a1604a640980c355232aa043f98d572b42bebc48da759a4ec56486
b964e6016328cace3d4d17dba1a6920f1fcdb95278f89d5200686c0fd9b3cce7
ba1c1cba103b212eaa4c5aea8268a6e94d3e0d39a16d5d094b604790db6d4fd5
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bb6b832663d2a15ee66acc81f3c5e6e7103d47c9c2ab4e7545961b66dee32a04
bfa804616663a38927300c5f94d5ab273912adfedc79b3c3b9012826b10ae23e
c11764f39ab90ed0ae52ae7c69c52c3e03872f1591d29ad1fa1bf252643b45e9
c195726e1fec34952dc003005120f6293ba0ff5fa19bcd222979d0a19571a586
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c3f46ea49987082d9560b53056fc1334c68fe31fc6fd5050ef87d526b618a7b9
c53ff29e4f891fa5d328d916f1e584837251dcd84b2aa97dc6aec0d0f6f713f2
c6ef6c4b1a18541fe32897f88c1a8d9d663d36df554c0551e87dda0dc2f85bdb
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc3397b2274a960f18aeaee94e4bee0ca53925f7d10dea8b54faff568fee1ae7
cc512301255515966a31281192fd886494b8ff8a8ce75ecba79d13b1b50e2f96
cc5913b50f8d42077b77f1a6bf6d776af2f464fc4cbb287687d94927813d5745
cfd65503a8174075a443229de42b85fb5e0947045209d0835885c59bd659fafa
d075b5c2f75d7e22200ad7d24dff1039f6e7497160a5de2443bf0086398271fe
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d13d25399949d8d43d6a4103d3e445aca9d120ad9f401788ac6a8aac92abf2a9
d36284451fe190e4f98b1608276928769eb4834b308878d70c9cd4eda0afb836
d4796caef51d6d208369574f34deb1fa889895573a8bea105aaf32ecf3d9f2f4
d6b170b852224674f5bb302cc37a113819358a24a5146153f21ebbd2616d3400
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
db09b1103233c04ec8abbc8d2bd73071970eaf7477aac770972ac6199f86f7a2
dcf8d91a751d48e4e8bec5c9b40a65339bceb711e69be3406aa0d10fb2c539e6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00021dd157ca3c9d0b89394313d3c248749b555772b3b0e52e4b23546657792
e0437392c827a17dc796745bb7bb042a334dcbade3f880edb446d751e3d3f66f
e16714166f6d7b0e7cfdac37586ac4700eac402f2f3baefcc8e2b724edce52d3
e2c2e90a93824edb0ec39524ce2e1e027817fb37715c200343c10a77d943e4cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
edbedb8ec049e357befdccdc2bf66c023f5abe5e9fd0cf862844add1b7a9ab35
eead50f4fbf404a1300618669c44a960ccb0801eeb2a261eee3aaed7a5d6700b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef25e46cf5c858d8c1b4f30f77000ca3c824eebed4382cb9ba2d5555dd2647d1
efbf880354b4a5d269e537e95eaac5f228c4692ec65052ade9988f3b7e4d379c
efe0d7f948a9af96f7b27631811066594ae91c8bc42ad2e7e24239a1524d7ec0
f0e9ef06625e97f3b9d238e484ab459e8673a030cf94159ba4ba0dc20a2b5eed
f2366f3afcfda94397a63e60c2372b3bc7ca5bb2cf94c26e8b6a266fd47f3a16
f25b1cbac836fb689b0542203bef51b20aa5bfa0671f6cae53fc03c3cf2c854c
f290ca7d6fcd4d6573cf36f2bd2c9d8136cb56d1f6274ba9a44b44ab2f8d59dd
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f4579380dbb1e30d34e92b678a1fee19091a1ea1bcf401a9472b66102800e651
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f94992a88ba4c47535300d9ba5a5b62a06c603f5e5d33ae6ac22d24c23b1a07f
fcd835c1d21100d3af3cc7a0eb2a66e5b4b33b571b17f8856b2197cd85def3ef
fd01293520ca2a39e862bab2c2631a3ce64199e16856a42709061126b6121e28
fd425973537ffcb71404e3d9686a97650228c94824451ce97216691e862d9f3c

www.tndeer.com Open in urlscan Pro 2606:4700:20::ac43:47e0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

330 Requests

95 %HTTPS

51 %IPv6

38 Domains

62 Subdomains

50 IPs

10 Countries

4210 kBTransfer

12547 kBSize

35 Cookies

15 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tndeer.com Open in urlscan Pro
2606:4700:20::ac43:47e0 Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

95 %
HTTPS

51 %
IPv6

38
Domains

62
Subdomains

50
IPs

10
Countries

4210 kB
Transfer

12547 kB
Size

35
Cookies

330 HTTP transactions
15 data transactions