www.tndeer.com Open in urlscan Pro
2606:4700:20::681a:5e9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tndeer.com/
Effective URL:
https://www.tndeer.com/
Submission: On November 27 via manual (November 27th 2023, 3:31:50 pm UTC) from US — Scanned from DE

Summary HTTP 388 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 44 domains to perform 388 HTTP transactions. The main IP is 2606:4700:20::681a:5e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tndeer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2023. Valid for: a year.

This is the only time www.tndeer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:47e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 17	2606:4700:20:... 2606:4700:20::681a:5e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
24	2606:4700:20:... 2606:4700:20::681a:4e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	52.73.25.207 52.73.25.207	14618 (AMAZON-AES) (AMAZON-AES)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
25	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	18.155.153.100 18.155.153.100	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
8	18.200.141.183 18.200.141.183	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
3	2600:9000:245... 2600:9000:2453:6e00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.230.206.3 54.230.206.3	16509 (AMAZON-02) (AMAZON-02)
8	18.239.83.111 18.239.83.111	16509 (AMAZON-02) (AMAZON-02)
2	62.149.0.74 62.149.0.74	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
15	54.230.206.114 54.230.206.114	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
5	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
60	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4 23	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5 15	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4 23	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4 5	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 6	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.29.112.162 52.29.112.162	16509 (AMAZON-02) (AMAZON-02)
1	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	35.157.183.113 35.157.183.113	16509 (AMAZON-02) (AMAZON-02)
3 3	2a05:d018:d29... 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e	16509 (AMAZON-02) (AMAZON-02)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
388	55

1 2606:4700:20::ac43:47e0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:20::681a:5e9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adligature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:4e9 (United States)

ASN13335 (CLOUDFLARENET, US)

data.www.tndeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cdn.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.73.25.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-25-207.compute-1.amazonaws.com

app.convertbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-wrapper-analytics-prod.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.155.153.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-100.ham50.r.cloudfront.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.200.141.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2453:6e00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.206.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-3.ham50.r.cloudfront.net

img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.239.83.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-111.ams58.r.cloudfront.net

images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.74 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-74.cc86365-03-tmp.cc.colocall.com

idrs.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.230.206.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-114.ham50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.58.206.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.112.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-112-162.eu-central-1.compute.amazonaws.com

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.250.178 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.183.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
121	googlesyndication.com 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	2 MB
74	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836	476 KB
42	tndeer.com 2 redirects www.tndeer.com data.www.tndeer.com	377 KB
21	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7382 trends.revcontent.com — Cisco Umbrella Rank: 2528 img.revcontent.com — Cisco Umbrella Rank: 10265 images.revcontent.com — Cisco Umbrella Rank: 8685 yeet.revcontent.com — Cisco Umbrella Rank: 8368	207 KB
20	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	413 KB
16	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	4 KB
15	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2185	419 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	637 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal90006.redintelligence.net — Cisco Umbrella Rank: 291193	47 KB
8	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 9174 data.ad-score.com — Cisco Umbrella Rank: 8743	182 KB
6	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	3 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	165 KB
6	convertbox.com cdn.convertbox.com — Cisco Umbrella Rank: 27247 app.convertbox.com — Cisco Umbrella Rank: 26870	157 KB
5	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	6 KB
5	criteo.com gum.criteo.com — Cisco Umbrella Rank: 454 dis.criteo.com — Cisco Umbrella Rank: 597	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	2 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	436 B
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1824	970 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	324 B
3	adligature.com cdn.adligature.com — Cisco Umbrella Rank: 90557	120 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	adtelligent.com idrs.adtelligent.com — Cisco Umbrella Rank: 66304	445 B
2	cloudfunctions.net us-central1-wrapper-analytics-prod.cloudfunctions.net — Cisco Umbrella Rank: 85033	145 B
2	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3425 cds.connatix.com — Cisco Umbrella Rank: 3536	297 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	388 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	98 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	705 B
1	intelliad.de t23.intelliad.de — Cisco Umbrella Rank: 143572	557 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11905	60 B
1	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 11673	3 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	416 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 3513	267 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1329	604 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 534	67 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6032	272 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	442 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	92 KB
0	eu-1-id5-sync.com Failed lb.eu-1-id5-sync.com Failed
388	44

	Domain	Requested by
60	tpc.googlesyndication.com	1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com www.tndeer.com googleads.g.doubleclick.net tpc.googlesyndication.com tagan.adlightning.com cdn.ampproject.org pagead2.googlesyndication.com
55	pagead2.googlesyndication.com	1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tagan.adlightning.com googleads.g.doubleclick.net www.tndeer.com tpc.googlesyndication.com
25	securepubads.g.doubleclick.net	cdn.adligature.com securepubads.g.doubleclick.net 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com tagan.adlightning.com www.tndeer.com www.googletagservices.com
24	data.www.tndeer.com	www.tndeer.com
23	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
23	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com tagan.adlightning.com www.tndeer.com googleads.g.doubleclick.net
20	cdn.ampproject.org	www.tndeer.com
18	www.tndeer.com	2 redirects www.tndeer.com
15	www.google.com	5 redirects googleads.g.doubleclick.net tagan.adlightning.com tpc.googlesyndication.com
15	tagan.adlightning.com	cdn.adligature.com tagan.adlightning.com 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
10	www.googletagservices.com	1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	www.googleadservices.com	www.tndeer.com
8	images.revcontent.com	www.tndeer.com
6	1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
5	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
5	cms.quantserve.com	4 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	www.tndeer.com googleads.g.doubleclick.net hal90006.redintelligence.net
5	data.ad-score.com	js.ad-score.com
4	hal90006.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90006.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90006.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	yeet.revcontent.com	assets.revcontent.com
4	trends.revcontent.com	assets.revcontent.com
4	assets.revcontent.com	cdn.adligature.com assets.revcontent.com
3	dis.criteo.com	googleads.g.doubleclick.net
3	pr-bh.ybp.yahoo.com	3 redirects
3	x.bidswitch.net	googleads.g.doubleclick.net
3	tr.blismedia.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	js.ad-score.com	assets.revcontent.com js.ad-score.com
3	app.convertbox.com	cdn.convertbox.com
3	cdn.convertbox.com	www.tndeer.com cdn.convertbox.com
3	region1.google-analytics.com	www.googletagmanager.com
3	cdn.adligature.com	www.tndeer.com cdn.adligature.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.tndeer.com
2	um.simpli.fi	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	gum.criteo.com	cdn.adligature.com
2	idrs.adtelligent.com	cdn.adligature.com
2	us-central1-wrapper-analytics-prod.cloudfunctions.net	cdn.adligature.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	onetag-sys.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	www.awin1.com	googleads.g.doubleclick.net
1	t23.intelliad.de	googleads.g.doubleclick.net
1	m.exactag.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	s.tribalfusion.com	www.tndeer.com
1	fonts.bunny.net	cdn.convertbox.com
1	id5-sync.com	cdn.adligature.com
1	id.a-mx.com	cdn.adligature.com
1	img.revcontent.com	www.tndeer.com
1	polyfill.io	cdn.convertbox.com
1	ads.pubmatic.com	assets.revcontent.com
1	cds.connatix.com	www.tndeer.com
1	cd.connatix.com	1 redirects
1	pro.ip-api.com	cdn.adligature.com
1	www.paypalobjects.com	www.tndeer.com
1	www.googletagmanager.com	www.tndeer.com
0	lb.eu-1-id5-sync.com Failed	cdn.adligature.com
388	63

This site contains links to these domains. Also see Links.

Domain
smeagol.revcontent.com
xenforo.com
customers.addonslab.com
xencentral.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-19` - `2024-07-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adligature.com E1	`2023-10-25` - `2024-01-23`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
data.www.tndeer.com Cloudflare Inc ECC CA-3	`2023-01-29` - `2024-01-28`	a year	crt.sh
cdn.convertbox.com R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
convertbox.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-24`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-25` - `2023-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-11-12` - `2023-12-12`	a month	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
idrs.adtelligent.com R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fonts.bunny.net R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.intelliad.de Thawte TLS RSA CA G1	`2023-07-31` - `2024-08-30`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 51 frames:

Primary Page: https://www.tndeer.com/
Frame ID: 56962DB1A4E46282FA0623C63616B592
Requests: 111 HTTP requests in this frame

Frame: https://www.tndeer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 363C0C38B1CC85CDA72275C71723EBD1
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/387147/connatix.player.dc.js?tier=1
Frame ID: EBB39F85D060DE8210B5903FA969967F
Requests: 1 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0140E16F82A2D038E4755508EE187C56
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?v=a6bb4ea&pid=1000177
Frame ID: 33D3A0C0282CE537BECC11B05C43EA45
Requests: 2 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DAF3D926D8EBE55185470CE23BBD217
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: E5BBFFDE294EC2E5979EB2FEEB092D7D
Requests: 1 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C33AD8D5C7E1A686AF16F9F6FD93B908
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102706&bpp=1&bdt=238&idt=297&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&nras=1&correlator=4196359418440&frm=24&ife=3&pv=2&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.nec7blv4krw5&fsb=1&dtd=305
Frame ID: 2A2AF4B618950656A133A510D27F013D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Frame ID: 9362E0816FF8432999146ABD3DCE7A1C
Requests: 20 HTTP requests in this frame

Frame: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Frame ID: 70CBF8711A12075E31BB272697CD0B98
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103116&bpp=4&bdt=168&idt=185&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5322776173912&frm=24&ife=3&pv=2&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bpzya1ps4ci&fsb=1&dtd=199
Frame ID: 55628AB94DD2B70756D48DD379E764DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208
Frame ID: 798E39EFB17DDF38082A88F3FC1A8142
Requests: 13 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DDD3372A9D064262C9271281E59E849
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUiuyz2SNKi6lhXfU5D0p221F4FUa04coQfFg9EwAs8khmeLPTmamW1asa201F7QMLWVPG23tQUjxRNG5HppTXmKzCAidEzag9cctMz60DvuHh0W8AiML4xnCiFynQoDdF0vwEeD_lqEkU6X9rPLZE-3f0c95-I43TCV0fQJ2SGe52zMeI
Frame ID: 6AF6A5148DA78E701E0D84DBD65A5A99
Requests: 5 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 72B02753A8DE8688DB206BE3B75257F7
Requests: 13 HTTP requests in this frame

Frame: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 440F1DF548A3CB1E9C72395E84FF96CB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 94665E9AC25C0AF9186DA0BC41924EC9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 729F36AA9577EC737EBB64EFCB8EB82A
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Frame ID: 6D821AEBB2A3C1D8140BD0B8A542AFF0
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: AA2ABE2B4FBAA98042A8A8A694E78C10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D9609340A0DCFE76407BB3E19908EE4F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755404&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=3&bdt=253&idt=321&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&nras=1&correlator=2328295226496&frm=24&ife=3&pv=2&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9e5ydbteyjzc&fsb=1&dtd=412
Frame ID: 094EA818D953A675BF85A719ABF292CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417941&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=4&bdt=265&idt=234&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&nras=1&correlator=1786289064866&frm=24&ife=3&pv=2&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9cj3akkzfk36&fsb=1&dtd=332
Frame ID: 84BC6CC765DC28CC47935272AEBFBB8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445
Frame ID: D75BCA2E6C83FB9DC88524CF90212775
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354
Frame ID: 72CF1A03C4B9EABA365E92EE37F9B5A1
Requests: 10 HTTP requests in this frame

Frame: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Frame ID: DC2D9E5895E726BB5910410724E57498
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417943&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=3&bdt=285&idt=252&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5496080803802&frm=24&ife=3&pv=2&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i8t8z7ctcg3z&fsb=1&dtd=265
Frame ID: AEF1BED3E40EDAEEF7CB0E329B751081
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=50&slotname=9069610239&adk=3566346098&adf=776186319&pi=t.ma~as.9069610239&w=320&fwrn=16&format=320x50&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=1&bdt=285&idt=256&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5496080803802&frm=24&ife=3&pv=1&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.rz9bj4j1mr4z&fsb=1&dtd=274
Frame ID: B4DC8049D6C8A3BA146A56C496A5BA79
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Frame ID: 6EFD96D0E1A7549EB8C8518FA13BB0C7
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8433C89CBE865093D93C68A644159CEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5813AA7E643FC9F9FC0962EDFCAD5A30
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D10CEAB382D0216900B19B2A769384EC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0221D97F595262FBDA2AFBDE6F6ECBCF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76C047ABC3C44EA0F0E16683F82C8482
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A34CD11B77A3A6C0F76B8638E50D7354
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F59E46E893642AE215B23AC39E4D2982
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D2DC53B568BB7D7CE13AAAC2EC8C94AC
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011
Frame ID: C668FC59F2EA72996BA47D71D06E04DD
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Frame ID: BFFAE97699ACCCF229EAEB6D63D44E92
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D51E3F74D291877805966210379D924E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6D6ED8494DBF7150D6AC70D4BABA0D6B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 591C008FC4232A8AEE68F6797FB2B577
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C8DCA5CCE5873A879E3183A04BF079F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 0323BBE66D5AC91360362FD3DD0CBB1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: 78F71E6F1F4CE8C4DACE303B2F38B953
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js
Frame ID: E5C67B18ECBA12F49F136819AB465462
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F223911A8CF44B6B2156ACE6594F8F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 852CDEFB4DAC6EB59CE11190A5D70D84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4CCD2D576E5E5074D3622D900715751
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2019BC2F33F8A5DF89FCE992E8140781
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tennessee Hunting & Fishing Forum

Page URL History Show full URLs

http://www.tndeer.com/ HTTP 301
https://www.tndeer.com/ Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

388
Requests

91 %
HTTPS

44 %
IPv6

44
Domains

63
Subdomains

55
IPs

8
Countries

5380 kB
Transfer

15140 kB
Size

34
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://smeagol.revcontent.com/cv/v3/kuK8j1lR-hN3IW6MQVyRu2b3yR6fTIlUAIHadgWm5BY5apMJt7AqIrBCU18FoJJI0-jRKp1cqb3W3lnwL1h_H7qbnky6qktVXPxf27q4iRF0FtemNnoVusZgfOM2pI0z72pBWOolE3pWc5BX6iB4Ue4iP6P-fA5lR18H6d8Bc4wo3ldVp5dQLIVcEQ74BRFW1NYUn3ZlBzgEjwuTkyxLJfJNFP5T6EWWDr81_F9QqG3xvYAvzL3Z2PiaW979rDqvhUMXzf8_ETqXXBweFmC8nlIqnyZlFKOECB8GtcWrzB7R6nHOE8hGZYAvKmWXVC5PLx7DohShFjCEaQ850BAz_4PDm1J3iDeGXyS8oMK7X654bfbLg0j3CFU5FSBWt1uOZEIoml5isADzXWTaIYQNoG1eQkZdHGBLjA8efwlyBx3QtWyDg5JWLg1soIlGyeEefMpTJnqZxhEDHcshYIdMuCdd83sRZb_hFoxj4jp7tp1534ipOTmWDVZDit0ZVHp9fSjpGaBi2T_DLrx98BnHD1nWnCKpLAlNtzsu_a6XjutsDzo7eTO5HOUCV3QeogXOTrWexm6mzy_WFvWpBpw-FsZyfo0UdfXaHrCX?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABAdgBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Steinbach am Taunus Elektroautos Für Rentner: Der Preis Mag überraschenElectric Cars I Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/3ZPJXy3yoAsFdED8b0zoz4LJYwaRnzzCnC4bIWA4vHvW5VBB-7OCbzHAiwsOWYD3E4-QTd6fzNSdOB9KeFGd4H4GbEw3jGQH58szO5zNXludaf56PTKr02Ptdzlt9EU2gC129hWaFppW_d3qeKcHp16VuTE1ErVn8-9B8y01n8R1UCJm1-QLEmBtAWAjAmRum4xiSQeTyAsfL8GPUSDsuKKNozqbsT3F5d4QwmRV2eMhsOl5wA58Q6DmltUknJPnhdmSL3C-9idhW25erStsKwpIf-phi3I87UNGRpsf3L6jVZoL2QfTu-H5jGSfhGNjevWRYVZM6nf5BpKmLmDAQod7z0SDJXNhvah_kfimH11mS88-HPBH7deaST9yPlkWrqv6fU49dXCsCtuDTvnOF2BsQeeADB878s3hGCDmhNGE11AkPnhVtOrFL6AFQe9rV5BiA51-I_EEbEF3VQuV7LO4hCxaXzLNDmWB3lnrYcRDv0j6CPBn-0JqvtMebtDO5Hx4ebFkOfk6SiWn4cxWM7Jfb3j5JRXWV-gMHJUyGrXAwdgUGDTx-120YWfe4b-jFcckrc7INSKE7XMHKdeb4g12r8G3uaga3cwE0h4e9PUp0Op5ZsH7NUWrKb5g4u1PMIdTXeN6bKsGWfyySGFiBKi8G9C2MnBDugMJ-AH7Nxy2V4IQfWugKoEYKGZIccZH5LSfWyiZxRbQ8OSqW67O3TyKvCIHn0gdZ62i3eyT1L_Uz0qKw1dT6EI?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABAtgBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Neue Mobile Treppenlifte Erfordern Keine Installation (hier Suchen)Google-Suche | Gesponsert

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/_KlplCziZJ_6FbAmt1g-smrgGPFm66ZYGYFcBcVxz3qVzGxbRHHnnvwdjoqiwBAkEgR9exT1MVrQb0IGv5H7dYe5J5HJ1mOmSvc1FM8DfgrTc-WssO-TOrRM8egF6_VkJ8K9H4lRDWDtxG4pwX3kc-GlPfvTlu7jE6zBM152GkflIEfiTPoEvB73pR-KLgzKspflpSfK2FfE_PJsQs71ynU3utl2SEW0HWeA-tK342EqS5Nqg9MTC4fgOFC6PJDoRf6dsldcqfM2I7wucPAbeL-1hilk1SFh_c67chIMIsV4WgjOr8DJecaOAGpE6UYznQiMRJ8fm4pv_zSm9rmrl2oTzBmgGgpknoUGIgZVko-qVZvKwBV8yF2tpY07RvB7BlihaJjT_351_ZN0gmmRSVZJ48fwGR2QyTncwk3sI36A3cpmcftiJyMwklGU6n_DOFAacxz1s_5gwR39JRCMIdxmybv_dhoTgm5_8wkWVtCtT3ykvgFLy-k304q53E1m7aMyhC5-ROeDFAIznEmzlc9Vv8Bykd3gxFEwO-hZZbU9fOd1QUOZEcbVBG4eQXNCKnCoE58zCtA?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABA9gBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Dies Sind Bäder Einer Neuen Generation. Klicke Um Es Zu SehenBadewannen | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/2VBkVOmWcinm_HE_tLey9ZcCgkQyfpIv5h7eLl-7QZd3Cbj-_ipS3n4bzFKuPxIysdP5MKcki0kuxlr-R8Wfma68kDV_yG7VKvs4JxUyP3nCmylOIlp1DH80bc1jm4YODN8KsRJDD9An2JseqkhLP79bytpOXScL2QmY6XKpllxn7fi4r0bQXWCKdd7dZT8BTE7qHhyfh2PZON9tykaRuYCRc580MIbgftkeAQ1rBri4DCbl0W299CLnJsH8bQNXhDf8p18yAjcJkZgOq8voIeC-FSh-tzzwz3Tp614Ue8Deftv2hDO5SIZcu3LbRX8g-RU0e2ZbbmBf8uZqR7DG5W30-SAt-mFc2BVdc4dyxopSvo52k0H5FJLrXdZBqwuXpTLPK8-yYdq4p6Md1x-X52SMGtFXmAH6ohhaxT-sju70fH0yyrEFNNEVRe--iXuNe-JQVJHSImnssRbCA-L4Z2jbOAqbBLjB8Ljdorg2p5oHtP-QwT8_KHp9_QqGB158RRjNw2ClGFPvAZO_kfzMp1AK2Ro0NAUIqOu-eFrtq3An3g-uiAABhGUEQm1G9g8nJZW_?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABBNgBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Eine Einfache Methode Zur Kniearthrose - Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/sKlBq2y-BcyyBsAjplwPuFpgK35eXXC88dX1BZbaKPm7y0QH3RP9zVsCS_QqZrSICRVi9El1gkTXST5gyij0FJ856DvIIZ7KOTlDgL1ROXzhMCxT_8JPZ2nPrnmylrGkBW9KPg0T2rsz-l-Eo00WD-ZUZCHtakXnY68K7uJYJaEyBFWpnzkPOAKJ9A6NwjZA_9C3EaYtJOP4p0GCiRp4U4gq0NQuPxpdjYhC6J6fLj52fNaXWKGIqK1Il9DmxrJMosVrc1ee8gEE7xBIiF4E6WSSkcVwN350edFjZTfr8H1N6MQ0io4MMNgAuUJTzQq-flKY-IyLkb22-wvjcc1ppkEokagdgXoLPY1hpdDkLHor_62NoYieXiGDKwhhBUAZkCHXQsXCgwLq7ywf4W2HIclgXGX6X9VrNvJ2_366hg7rYcv-oP1LSJgHk61-FdaHC-gJmVaTCx4aDuHwm127qhoQf6TWrIJQjvZl0ZRUWwXDlEz7x5TPVsqzdTfyUELA3CSE7vq8UFoGRfcVjCe5NFtnlIznhQ3oQM4S_qV7pN2GHNY92HdYhAiP3duaQxJ3aIpPwp7y26lkMLcB4OotiMlAs2WftrMrJka4R7Xgr0pzM_zioy8?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABBdgBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Abendessen: 10 Lebensmittel, Die Sie Niemals Abends Essen SolltenHEALTH NATURAL

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/HA5io6AjjI7eBFc8CmDigflt_VM8PEbVQXimt6hHlH0DoVG6a2cqty37_Dq9Z-B20O2lakhQKa3P6A27ajqqED-GbWUZHE_bxd15DSG-8l8W3soe58u3CBdE300zaVJ6gWb_oNW8p4GTqwNAdleC6y3gWqG5tjQBHB3dE1YghsVvNErjjtpde6eD9WB2jxOHCW7JaynrDwXYs8b9ZCdMSWOPkBc7Xb8l0n1ZGKXZqpJ0dGsAMcTZERe6w7aRNClHDifX6i2ucWWf_iCjXCLHhNmQfXfdf568AT3vW8EyQiOw1lTwiBrSdojnh8kSk-gmOJCa7AB9e_zkZesblzDV1orTVsHrzCD4GaiQJ6jVsWgNCjU11SQttmJXGyY9BJCZfo3lvGdlFbw5Bfz5WhfODuaJeXpuEz4SJBEKLxvX_vspD1iJ7-n8etmOpi0HmUj52EWl1S18474mf_e5eTqPq_V6sNH_9C0rJ88UBzAs0GOTUqIMkmaxoZjXUUVRafC5AYnjoa9o-puIIfYrw7y1cuosWShdAfCALIvADsKKfipv1NoQelZuzIxqesbajpbeSUr45aZJ2vZyGT9abpYDpA1loANZ5A54bIWLExXam0gOoWw?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABBtgBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Top Scientist: if Anyone Has Ringing Ears Do This Now (Works Like Crazy)Healthier Living Tips

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/kcZfPQt7TZ1w8U7eMApWcKqH3dFDPDGuspKSoOnA6EykN0YABxNzHuU5nN1pdI0S-2ZDwIm-ikw17orNLna0E_GCZFR1BauWoBzEcMipZPXeryG46C1s3rJN4nTPn7BVemfRmH5dYQRAyHr2oC4jP8ZjD3h3dLfXlBzcssef3gQ88MY1OHNcsgfsqyjoMzkgWLcMLLUDTWpSitpA9Q9KDGgH2oYP-IyoXloX63QYqs5oiAt7LXRFqhbI8Bfwxoe3KqxQwQuOsrMY18BUMAUyRuVI4sQVhEoA-In_DzcKKFg_Lt7J9JL1f6AMwAVI1BKeY-84KUJQOnBLRLL0zNsXqK1is6cCPNBEjiFo54FezY3Oqr50bcOwMOUyhlI9YycFvMrimYXFUbi0P6gdLXCY1kJ5JtxYb6y6gvzjZ3B0zMM2Ot37MRu9V93rLzLoiWdAkpmemyWZIMXjplzLq7v799tASTzW1sU2lLRNH4m17bKDLrV-t8E8ZeVBK0kqdGB0CTrkOtA6idfasxZBPrvjL_W8qASy74Bt0vJGAUHk8Om2mGXqxImmytLvUPpga59_aPC_a1nNNMfoIhfk8UM8w10UfXgzNTrIcUDf?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABB9gBso7wAZECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: Doctors Amazed: Do This Immediately if You Have Diabetes (Genius)Healthier Living Tips

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/AzVipalaz8acFGtg7NrwfIQLupJ5pwlceOaEsueoLD9rVEb344PicHqqWGXzOPRJBqtDOReckf5iTrr13Ifh5cxWlj8zkZmR_2W4ZPX4ZvdANpPHK-jS1FMl7J0j5JZfRPKVtM1TTK-snWMqkIGYlzHMJoRokrIwypAdXuh7uNCfg9jUmAqvMfIKFcqvMzflSEZo26_I2DJrr38l1fDfF8iHcFxXwv2yb6WdE8gtnLlO3VK2dm18R-x3fMQcw_SRhalqXsAmWKlMAAw?p=GgFDMN3skqsGOiQxZDU5YjA4OC03YzczLTRjMGUtYjU5Zi1iMWZmYWEwYmNjYzFCJDk2ZmVlY2QyLWE5NGYtNDg5OS04ZjExLThiZjhlZjM2Y2YzZEoLd2hpZS13YWxrZXJQ3eAJWOzCD2IKdG5kZWVyLmNvbWoHZGVza3RvcJABCJECuB6F61G4zj-qAg8xNzguMTYyLjIwOS4xMzbqAhEKCGdyYXlfaW1wEgVmYWxzZQ
Title: The Close Relationship Between Stress and Sleep

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2023 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://customers.addonslab.com/
Title: Showcase Filter by AddonsLab: invalid license detected.

Search URL Search Domain Scan URL

URL: https://xenforo.com/community/resources/xencentral-feedback-system-2.6238/
Title: Feedback System

Search URL Search Domain Scan URL

URL: http://xencentral.com/
Title: XenCentral.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tndeer.com/ HTTP 301
https://www.tndeer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.tndeer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.tndeer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 50

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/387147/connatix.player.dc.js?tier=1

Request Chain 145

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWS2X2TKbSXkEknC8i9fFwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI3yX_COcPUrzNHX7ZswaNA&google_cver=1

Request Chain 165

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3NzkyNTY0NDg1OTk1NDkzNQ%3D%3D

Request Chain 200

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 201

https://um.simpli.fi/gp_match?google_gid=CAESEP10tjPBySkuyYcaCv_hR1s&google_cver=1&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50vvKhPJETu7hP9il0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50vvKhPJETu7hP9il0

Request Chain 204

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 210

https://googleads.g.doubleclick.net/pagead/adview?ai=CLqZXX7ZkZfGOIrqipt8PxI6R6Amrm7m8dM_z4viiEmQQASCDxPYBYJUCoAHd8KrAKsgBAagDAcgDywSqBMkBT9CvkoEPTWK0cpf3vndbAoXE0AWanSq3CVsUEf8SuFxkAJI6qSn6qZrf5rDvmPI2QKdKbBVNSbf0j-3uI8XPdjFoZZ_3GAPz0bN_YcGk-vNOIAizFUbIUu_LNrpLykafj8VyB2odVEYthhQ6Bi3o6Dlfx4l4IEBCO2n-EbP6RRDjejsWRCEnj3pQlSIcoHbs_Tj1h6kReATmKDdOC_2b78m290dp265Rf5cwtpxxnh2hIGFptM1bmOhbFQ0Xfeq1oPpPeCxPWSbdwATJ7bCxvASIBe3lkrhNkgUECAQYAZIFBAgFGASAB92o-58FqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpZoF0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJiwFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZFBhZ2UuaHRtbD9jYW1wYWlnbl9pZD0yMDc4NzI3ODU3MyZhZGdyb3VwX2lkPTE1MzY0ODY0MTczNyZwbGFjZW1lbnRfaWQ9d3d3LnRuZGVlci5jb20mY3JlYXRpdmVfaWQ9NjgxMzcyOTUzMjEygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTkwNTQwMzgyMjI0Nzk0GAA&sigh=kaBaNOz4TrM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNHi1W-smi_o8SuLBdoDOgRbo8BrMMrY8pHuTEZkFp-bVx85HJpw-xwPKu-_PToFZPhNa5b-86jhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221226252634128735107%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216995280408482034033%22}&andc=true

Request Chain 219

https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D&documentReferer=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.tndeer.com&random=4029522595363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D&documentReferer=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.tndeer.com&random=4029522595363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 278

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 283

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 291

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011

Request Chain 307

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJOEeKStxdKHFCjLn2xl1cBQ8-Rl2tVasrU_7E5oqWaRMVY HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJOEeKStxdKHFCjLn2xl1cBQ8-Rl2tVasrU_7E5oqWaRMVY&google_hm=wAZaXYSMsXSLyo-bwD16dg

Request Chain 309

https://um.simpli.fi/gp_match?google_gid=CAESEP10tjPBySkuyYcaCv_hR1s&google_cver=1&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_hpcLJ0EgS8hC5Pw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_hpcLJ0EgS8hC5Pw

Request Chain 311

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKdUTa2-iJ_lSGDYyX8zWDQ&google_cver=1&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG5-u-q62blOI0ZuswuG6Hnw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKdUTa2-iJ_lSGDYyX8zWDQ&google_cver=1&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG5-u-q62blOI0ZuswuG6Hnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDc3MzAzMjM0NDczNTI3OA&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG5-u-q62blOI0ZuswuG6Hnw

Request Chain 312

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJfTHkobWEAYjTPQOhFKvx0&google_cver=1&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E3OGSy_TUYNgxg6NVPfI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E3OGSy_TUYNgxg6NVPfI

Request Chain 313

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGmcDRVMxU5cZEQkIhMlY5A&google_cver=1&google_push=AXcoOmSGY7G2h5mOc8tRiOF4a_2OMqOElCG-ghrtSF8g2BzC1hb3PYQTfqq9ANwDOodudS5EkhauSNWwNv_hmI2F255QXP0soyzPL_U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSGY7G2h5mOc8tRiOF4a_2OMqOElCG-ghrtSF8g2BzC1hb3PYQTfqq9ANwDOodudS5EkhauSNWwNv_hmI2F255QXP0soyzPL_U HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 349

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0XMtzCPg9o1YjQSav9otFSY-KgdmMtCYxsGNnXcP2c2CNHyXxwxnZfhco33X5A6nFsQoIXbEJS2yjtx0j2hL7ukDSHgO0yLblcMBwg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0XMtzCPg9o1YjQSav9otFSY-KgdmMtCYxsGNnXcP2c2CNHyXxwxnZfhco33X5A6nFsQoIXbEJS2yjtx0j2hL7ukDSHgO0yLblcMBwg&google_hm=wAZaXYSMsXSLyo-bwD16dg

Request Chain 352

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14nH9al6gJA8b3u9N8LJtyPZsShrRoZ1xbnYwDGTSwEsgS-0AhRY8QBfek_zUg-jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14nH9al6gJA8b3u9N8LJtyPZsShrRoZ1xbnYwDGTSwEsgS-0AhRY8QBfek_zUg-jg&google_hm=eS03aWk4WlhKRTJwRUZvTUQ1c2wud2xDdWVfSmZrdFZlMH5B

Request Chain 357

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbHjAbSDmJF7GOP65dOVJkBMtIVukO24OievpOxH6HyKY5A HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbHjAbSDmJF7GOP65dOVJkBMtIVukO24OievpOxH6HyKY5A&google_hm=wAZaXYSMsXSLyo-bwD16dg

Request Chain 359

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFchZRubdSmeRnzF2dldtSQ&google_cver=1&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-OM9Q7GdwSn1gmLpA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-OM9Q7GdwSn1gmLpA&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS

Request Chain 361

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXFWVPoVK4U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXFWVPoVK4U&google_hm=eS0zNUtsT1hKRTJwSE16dmRYSUpMQTJEQ0cxY2FCNFYxcX5B

Request Chain 364

https://googleads.g.doubleclick.net/pagead/adview?ai=C8I5wYbZkZe-6ErCmvcAPgNacsAmLyKStdN2Fw_KAEsCNtwEQASCDxPYBYJUCoAGHzrTdA8gBAqgDAcgDyQSqBMoBT9AXQ_8fvY8ZMP-QB3XfWdF4s8zKpDUvlqe8IXEtvwqFeG1s-WYdecRN8VPCbUKMiFq5ZZ-GBOWfXUD7eFDZsa0CpDrgRaSWigWngDIx_QsQz1e8ebVnz183HtQqbfpTGlXKYAiRUk0YwPPl0AbD2lb0MC32GmxiX_Ot9EKJGRSyU9Tdybol8kIrhI8283FmNJ76gN2azqfTsf4cLYJNwoYgKqnAU-vTqxss4GVy1NB2rOLTUNDKHAVyLVlrHJegBmdts1BjSBjTb8AEuZqqstEEiAXCjt20TZIFBAgEGAGSBQQIBRgEoAYCgAfhscsiqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQxMcC0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJmwFodHRwczovL3NoZWJ1ZGdldHMuY29tL2NsL2Z1bm55LWNhbXBpbmctcGhvdG9zLz91dG1fc291cmNlPWdhJnV0bV9jYW1wYWlnbj1HRE4tU2hlYnVkZ2V0cy1kZXNrLWNhbXBpbmctbWI1LTExMTYyMyZ1dG1fbWVkaXVtPXd3dy50bmRlZXIuY29tJnV0bV90ZXJtPXthZGlkfYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk5MDU0MDM4MjIyNDc5NBgA&sigh=ua4U2RQwJhM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNrq45YvTRheaJypnG95lgVa62H2S9EqCVVGm8nMKIgrEYGMD8IjzgjOzfkQrrebNx6He_hdmUNhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228611242264511927686%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001203463%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223749767251259984145%22}&andc=true

Request Chain 365

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7GWPkhdjvq_KKAt_1_PNKh3WvvaQSNn2caLrVAweV_rLdhN HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7GWPkhdjvq_KKAt_1_PNKh3WvvaQSNn2caLrVAweV_rLdhN&google_hm=wAZaXYSMsXSLyo-bwD16dg

Request Chain 367

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFchZRubdSmeRnzF2dldtSQ&google_cver=1&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCRf4bSPddwgRdH0iRwp5 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCRf4bSPddwgRdH0iRwp5&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS

Request Chain 369

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga--3Yh3CNt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga--3Yh3CNt&google_hm=eS1wU3pFN0ZwRTJwRVB2VUdqS0pIZjhKdTZXcGlkaEJvR35B

Request Chain 375

https://googleads.g.doubleclick.net/pagead/adview?ai=CZoLqYbZkZZmCD6n0kPIPgMWVqAqrm7m8dM_z4viiEmQQASCDxPYBYJUCoAHd8KrAKsgBAagDAcgDywSqBMkBT9CkrKVHaO8fdvHRO6riuTJOgDd3ocIMPe-covGyG8xLVgv-rGu6LK1i5xaVwdrt6IX3BJXd6Yh5jzdj2kkd9XcSdBpsZK9UBhpI3ezqj0rpk_UBbglDfgpQHCkCiMCr_f5uDEBrgc7UffF59inVzQlsfMOa7RPfzsku6I-DfofkDFVEi7cfYRb3_JofcgPs7O-cgMnhoUeQf1-BPzXWivhC34uJyLFI9fppJEJndceKQZifpiDkJQKKYlkNNHsRQsdkEPAAYte-wATJ7bCxvASIBe3lkrhNkgUECAQYAZIFBAgFGASAB92o-58FqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkN4D0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJiwFodHRwczovL3BkZml4ZXJzLmNvbS9kb3dubG9hZFBhZ2UuaHRtbD9jYW1wYWlnbl9pZD0yMDc4NzI3ODU3MyZhZGdyb3VwX2lkPTE1MzY0ODY0MTczNyZwbGFjZW1lbnRfaWQ9d3d3LnRuZGVlci5jb20mY3JlYXRpdmVfaWQ9NjgxMzcyOTUzMjEygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTkwNTQwMzgyMjI0Nzk0GAA&sigh=zsdB3sEpyI0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaN0vQyiad0LH_z6pS-sJ6lJvpLO2CpUFEn7_XHAz38PpESOrfFbA1a-FiclgTyKUC0tPKOKmb_oRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222996150981552255176%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210561525227670580545%22}&andc=true

Request Chain 376

https://googleads.g.doubleclick.net/pagead/adview?ai=CWoYpYbZkZajKEqydvcAP2-C9mAmLyKStdN2Fw_KAEsCNtwEQASCDxPYBYJUCoAGHzrTdA8gBAqgDAcgDyYSAgASqBMoBT9B5tQ3mnX3yY6TJYuSmFWrv5Th21pFowLkvDH0F1nYoA2r4ueu0Mfb-4pjxr-b3w_0hFfat_5xBG_Nt7v7luPGL_9HFc7XV_a0lgQympsyGN8gZD8XpY9lxda_s3ULi_8MwUrhFrHV15ZCXMKpwEkExtMRK0xy-Td40aU-3LHaUqbhyd2WnZT1zGaPXXZV7BqLo5YH7DBAUVrGMuKwybPQMfJqsL6TpRoYmnovt7ae56iC7iNBF2RZw_VpK_KyALhvdEczojkJSEcAEuZqqstEEiAXCjt20TZIFBAgEGAGSBQQIBRgEoAYCgAfhscsiqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQz6ED0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJmwFodHRwczovL3NoZWJ1ZGdldHMuY29tL2NsL2Z1bm55LWNhbXBpbmctcGhvdG9zLz91dG1fc291cmNlPWdhJnV0bV9jYW1wYWlnbj1HRE4tU2hlYnVkZ2V0cy1kZXNrLWNhbXBpbmctbWI1LTExMTYyMyZ1dG1fbWVkaXVtPXd3dy50bmRlZXIuY29tJnV0bV90ZXJtPXthZGlkfYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMTk5MDU0MDM4MjIyNDc5NBgA&sigh=Ojh8EO7rQrE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNgIRolR6FIF11PKhTucybd5bXXQY32sx8bfq3Jm4ArZR42O5b1h8BsK-p4K6Nz3izhMkE043mGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229735950892394184970%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001203463%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215173731933980703425%22}&andc=true

388 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tndeer.com/
Redirect Chain

http://www.tndeer.com/
https://www.tndeer.com/

115 KB
19 KB

152ms
132ms

Document
text/html

2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

fab5ec0471d4929074a8b22131f02fcd5daf41e66172a0adb5ba572eac1940cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0,s-maxage=300
cf-cache-status: HIT
cf-ray: 82cb6b5edde0bb47-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 15:31:40 GMT
expires: Mon, 27 Nov 2023 15:33:48 GMT
last-modified: Mon, 27 Nov 2023 15:28:48 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-powered-by: centminmod
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 82cb6b5e98ec9bb9-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 27 Nov 2023 15:31:39 GMT
Expires: Mon, 27 Nov 2023 16:31:39 GMT
Location: https://www.tndeer.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa-regular-400-min.woff2
www.tndeer.com/styles/fonts/fa/ 14 KB
14 KB 24ms
23ms Font
font/woff2 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1695406327
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 4725efe20817a85f0c0ac2ec58fcd4c5f5840dcebf83a5121aa3b7a3c05f0732

Request headers

Referer: https://www.tndeer.com/
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
cf-cache-status: HIT
age: 31209
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
content-length: 14520
last-modified: Fri, 22 Sep 2023 18:12:10 GMT
server: cloudflare
etag: "650dd8fa-38b8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 82cb6b5fbec9bb47-FRA
expires: Sat, 21 Sep 2024 18:14:13 GMT

GET
H2 200 fa-brands-400-min.woff2
www.tndeer.com/styles/fonts/fa/ 3 KB
3 KB 22ms
21ms Font
font/woff2 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/styles/fonts/fa/fa-brands-400-min.woff2?_v=5.15.3.1692371142
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 7fba7ef0cc63de78b76dfb003897241b500f195fcf2036799a45514aa89865d3

Request headers

Referer: https://www.tndeer.com/
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
cf-cache-status: HIT
age: 31209
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
content-length: 3160
last-modified: Fri, 18 Aug 2023 15:05:43 GMT
server: cloudflare
etag: "64df88c7-c58"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 82cb6b5fbecabb47-FRA
expires: Sun, 15 Sep 2024 17:23:39 GMT

GET
H2 200 css.php
www.tndeer.com/ 243 KB
39 KB 130ms
130ms Stylesheet
text/css 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=2&l=1&d=1699017139&k=ca6964a7eb755900fcab87efc60a07b5edb3f6e9

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

c97c5960d4b1d23cfdcadfc0679235cdf33449b60b73f774377553e8b0826ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=249692
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 13:12:19 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82cb6b5fbec5bb47-FRA
expires: Sat, 02 Nov 2024 13:12:21 GMT

GET
H2 200 css.php
www.tndeer.com/ 14 KB
3 KB 121ms
120ms Stylesheet
text/css 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/css.php?css=public%3Anode_list.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Aextra.less&s=2&l=1&d=1699017139&k=929e4fcd4702b9cddc2534b00248f90a78f87f22

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

ce7b4ef66f11416905fff188cd5d169aadfae521a8eda4da8b2e4f37be9a803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=14283
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 13:12:19 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82cb6b5fbec7bb47-FRA
expires: Sat, 02 Nov 2024 13:13:35 GMT

GET
H2 200 preamble.min.js Show response
www.tndeer.com/js/xf/ 4 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/xf/preamble.min.js?_v=c3573845
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 15:33:18 GMT
server: cloudflare
age: 31209
etag: W/"64de3dbe-e11"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 82cb6b5fbecbbb47-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Dec 2023 13:12:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 66ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9844027c58bfec81c80cb60feeb9225b7e48720431d650bc5d793c30cd0b13d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 15:31:40 GMT

GET
H2 200 rules.js Show response
cdn.adligature.com/tndeer.com/prod/ 35 KB
6 KB 940ms
391ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/tndeer.com/prod/rules.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f60415fa4a6eade5d64bdc5a78dfed81152be549a89cac89ac684f604789b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo5Mdvq8Ju9rtlXYnuhT-gKZfe53LTeVQH0l-NYFTXeXkeWre9sWuLW_m4KVm9YedO1t1o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 20:32:04 GMT
server: cloudflare
etag: W/"2c53198231e314604729522a43ce2b16"
vary: Accept-Encoding
x-goog-hash: crc32c=C/j3Qg==, md5=LFMZgjHjFGBHKVIqQ84rFg==
x-goog-generation: 1691526724849467
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skvQkyZvMkspl5yVxekU7z4xy0F4Yh4esCiTgOq9684kNHXk6p00z5Q26zxb8EHuY9da0tBOh4DM4fY2H2cDpyxHmjHqn3%2FKVILvF%2BraOsDU5FP1buAUL%2B4KoEmQLl8%2BdrJUq7yLxsM2dYcio7p%2FDIk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length: 36235
access-control-allow-origin: *
cf-ray: 82cb6b63f89e5eb3-NRT
expires: Mon, 27 Nov 2023 15:41:40 GMT

GET
H2 200 logo.png
www.tndeer.com/styles/ 12 KB
13 KB 24ms
24ms Image
image/webp 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tndeer.com/styles/logo.png
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 58444a8fc8268f61d80ff7504ae17ba5bffe2b248f5c11a82b5dff80327277c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
cf-cache-status: HIT
age: 31209
cf-polished: origFmt=png, origSize=13755
x-powered-by: centminmod
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12720
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Oct 2020 11:58:44 GMT
server: cloudflare
etag: "5f9416f4-35bb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82cb6b5fbeccbb47-FRA
expires: Mon, 27 Nov 2023 23:30:13 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
442 B 41ms
8ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Mon, 27 Nov 2023 16:31:40 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.tndeer.com/js/vendor/jquery/ 87 KB
31 KB 21ms
21ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=c3573845
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Aug 2023 15:33:10 GMT
server: cloudflare
age: 31209
etag: W/"64de3db6-15d84"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 82cb6b5fceddbb47-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Dec 2023 13:12:19 GMT

GET
H3 200 vendor-compiled.js Show response
www.tndeer.com/js/vendor/ 42 KB
13 KB 25ms
25ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/vendor/vendor-compiled.js?_v=c3573845
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 91160
cf-polished: origSize=43704
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Aug 2023 15:33:13 GMT
server: cloudflare
etag: W/"64de3db9-aab8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 82cb6b5fec3f1d96-FRA
expires: Sun, 03 Dec 2023 13:12:19 GMT

GET
H3 200 core-compiled.js Show response
www.tndeer.com/js/xf/ 210 KB
61 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/xf/core-compiled.js?_v=c3573845
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 76c9aca0e08033189d268816f63efa0a635fe7bba4f3add2f5453a2b8f067ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 91160
cf-polished: origSize=215799
x-powered-by: centminmod
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 Aug 2023 15:33:16 GMT
server: cloudflare
etag: W/"64de3dbc-34af7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 82cb6b5ffc511d96-FRA
expires: Sun, 03 Dec 2023 13:12:19 GMT

GET
H3 200 campaign.min.js Show response
www.tndeer.com/js/Truonglv/Sendy/ 2 KB
967 B 22ms
22ms Script
application/javascript 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/js/Truonglv/Sendy/campaign.min.js?_v=c3573845
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: efbf880354b4a5d269e537e95eaac5f228c4692ec65052ade9988f3b7e4d379c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Mar 2023 03:52:29 GMT
server: cloudflare
age: 73872
etag: W/"641686fd-60e"
x-powered-by: centminmod
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
cf-ray: 82cb6b601c8e1d96-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 03 Dec 2023 13:12:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 45ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBRKLEJKHZ&gtm=45je3b81v9106472506&_p=1701099100256&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1137215634.1701099100&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1701099100&sct=1&seg=0&dl=https%3A%2F%2Fwww.tndeer.com%2F&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.style_id=2&upn.user_group_id=1&tfd=504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advally-5.13.3.js Show response
cdn.adligature.com/rules.js/ 108 KB
30 KB 279ms
278ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/rules.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd4724fd98e33cf4e02cea12c98f723a766913a057a852efa8659d6afa4bab0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=179027
x-guploader-uploadid: ABPtcPqjOjs6OV2hHLh5QIjHCTtBrLSXePb0CXzZ789Z2vCd6vkOM1mLGk7hiX8hK6RY2pLXaxkTsAVD9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 04 Aug 2023 14:55:59 GMT
server: cloudflare
etag: W/"0e7a32316ed6cf57eecb4fa6fd340f6d"
vary: Accept-Encoding
x-goog-generation: 1691160959026543
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=iUrfxw==, md5=DnoyMW7Wz1fuy0+m/TQPbQ==
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFl09j4YzQrAyx8W6bmuRNWJdJROTEL5fNINSGmY8dYVoDNugcNOOAHq4GRVf%2B25FOlGrMafSsygBvbYvmXDh35Lz1B7N%2FF8n%2BaAXytkxt%2FNnuZeUbyP7DA%2FPrHZAviROJUUAZ%2F5aTwF5ZescU3Qu%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 179027
cf-ray: 82cb6b666b7b5eb3-NRT
expires: Mon, 27 Nov 2023 17:01:16 GMT

GET
H3 200 logo.png
www.tndeer.com/styles/ 12 KB
13 KB 22ms
22ms Image
image/webp 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tndeer.com/styles/logo.png
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / centminmod
Resource Hash: 58444a8fc8268f61d80ff7504ae17ba5bffe2b248f5c11a82b5dff80327277c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
cf-cache-status: HIT
age: 91161
cf-polished: origFmt=png, origSize=13755
x-powered-by: centminmod
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12720
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Oct 2020 11:58:44 GMT
server: cloudflare
etag: "5f9416f4-35bb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82cb6b65ae5c1d96-FRA
expires: Mon, 27 Nov 2023 23:30:13 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 496070d4e9503642b0ec489d7b00d6d0f1680d0fad5b6d0cdafaa482ab1a706e

Request headers

Referer
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK 23145.jpg
data.www.tndeer.com/avatars/s/23/ 2 KB
2 KB 652ms
313ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/23/23145.jpg?1662628155
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e945c46ba2f4c23036c8b23773bed087b801b83e06105e9a2da951983dbce272

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:56:22 GMT
Server: cloudflare
ETag: "e53af020e3b9310c1d199195889a77f7"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b68096d65bc-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1905

GET
H/1.1 200
OK 23645.jpg
data.www.tndeer.com/avatars/s/23/ 2 KB
2 KB 721ms
678ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/23/23645.jpg?1683202993
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db017224d253dbf31c832cdde46f693ca293b1d837712fd7329b63c7d956fc8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 04 May 2023 12:23:15 GMT
Server: cloudflare
ETag: "e168a0b32f334832e71bf8888c4b0444"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b662d34994b-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1564

GET
H/1.1 200
OK 19811.jpg
data.www.tndeer.com/avatars/s/19/ 2 KB
2 KB 1031ms
990ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/19/19811.jpg?1693178771
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cab1723e8ad2e0028772a6db16ade61e00de13c7fad16f19615ac5af3cdb257e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 27 Aug 2023 23:26:16 GMT
Server: cloudflare
ETag: "96f253aa46bdcdfb2bf75d882b4bebee"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b662b8b1cbb-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1695

GET
H/1.1 200
OK 2228.jpg
data.www.tndeer.com/avatars/s/2/ 1 KB
2 KB 364ms
325ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/2/2228.jpg?1603833633
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160e32764ded505871be99b036f22876a1e5d7f05f9906fe70dc1abf11dd7a82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:58 GMT
Server: cloudflare
ETag: "659d2a5cd923c7244d3c588f194a0993"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b66289c5d7a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1508

GET
H/1.1 200
OK 22663.jpg
data.www.tndeer.com/avatars/s/22/ 1 KB
2 KB 1002ms
637ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/22/22663.jpg?1700326988
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa88b8dc96254bd99bd949e20c01e54add68bbb4d0ae3bba1b84779c49792b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 18 Nov 2023 17:03:16 GMT
Server: cloudflare
ETag: "3e48f1329f7dc8f930ff20f4adbcf001"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b682b165d7a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1250

GET
H/1.1 200
OK 2171.jpg
data.www.tndeer.com/avatars/s/2/ 1 KB
1 KB 744ms
363ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/2/2171.jpg?1603833628
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8190a5778002ac41b4ceeca034a6529a118c50999761b33f26174b243b1837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:52 GMT
Server: cloudflare
ETag: "d10ff8176e8dcdaca16949501660fabe"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b684bbc39ee-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1032

GET
H/1.1 200
OK 13775.jpg
data.www.tndeer.com/avatars/s/13/ 2 KB
2 KB 1046ms
330ms Image
image/png 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/13/13775.jpg?1604993156
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6682dbd88ac0420d00dc01aaf362d19c8f3338091718f1144052c3e586cdf3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:55:02 GMT
Server: cloudflare
ETag: "a579d98331644249d6dcf5ef37735122"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6a6a28994b-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1606

GET
H/1.1 200
OK 2494.jpg
data.www.tndeer.com/avatars/s/2/ 1 KB
2 KB 1553ms
269ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/2/2494.jpg?1603833658
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d62e75c1fd4bc4864d8b3003057972ab9987ec702f6fa98d4008e7c09a00e0ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:54 GMT
Server: cloudflare
ETag: "1ea5e3110caa9947b4c827e31dfe16b8"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b700dca9268-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1216

GET
H/1.1 200
OK 12599.jpg
data.www.tndeer.com/avatars/s/12/ 7 KB
7 KB 1689ms
346ms Image
image/png 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/12/12599.jpg?1611095548
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcec0f5282283aaa7b41676ab70d779851f93c0a0e0fb8db6c389a323dec01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:43 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:56:40 GMT
Server: cloudflare
ETag: "b74022c56cda0927061a86eaca4577d9"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b706c375d7a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 7014

GET
H/1.1 200
OK 3052.jpg
data.www.tndeer.com/avatars/s/3/ 4 KB
5 KB 374ms
340ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/3/3052.jpg?1624016385
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc95ecf6690db0389e41ee9da7cc24042b976f9f69c4ec0db612f36a6799ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:28 GMT
Server: cloudflare
ETag: "95a3aeac55223bcb4ab44e6528c588d0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6628cb39ee-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 4401

GET
H/1.1 200
OK 22697.jpg
data.www.tndeer.com/avatars/s/22/ 2 KB
2 KB 1544ms
294ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/22/22697.jpg?1652803718
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63abb88648e3d6eb344ff6558bcb01a9213f139d9f152473397f9f349409791c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:55:52 GMT
Server: cloudflare
ETag: "649b6643d875d3508fe8822a79573644"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6fdf3639ee-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1882

GET
H/1.1 200
OK 20424.jpg
data.www.tndeer.com/avatars/s/20/ 5 KB
6 KB 1342ms
321ms Image
image/png 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/20/20424.jpg?1697596318
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57216922cd65c620a07a0548a61d22a4f57f2549121ba228ac329b052b81c405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 18 Oct 2023 02:32:07 GMT
Server: cloudflare
ETag: "f796a0f234dffceb0a4abb7079b7a20e"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6e6a035d7a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 5523

GET
H/1.1 200
OK 12069.jpg
data.www.tndeer.com/avatars/s/12/ 1 KB
2 KB 1346ms
303ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/12/12069.jpg?1618191499
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62537b4423aec64808eb580c3c8084e5fcf93653782ae184f6ddba43e55159ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:56:36 GMT
Server: cloudflare
ETag: "9d271326136e0d2979a5c0d25d01deea"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6e8ee5994b-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1370

GET
H/1.1 200
OK 21442.jpg
data.www.tndeer.com/avatars/s/21/ 1 KB
1 KB 2125ms
1151ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/21/21442.jpg?1607303153
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e5bba196af5003764bebcaa42d11db2aa66a6cf7b4d1ab88b5a63f8d32c3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:43 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:25 GMT
Server: cloudflare
ETag: "67ca340e32025fbf8d575bcd6f86e0bb"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6e19b565bc-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1066

GET
H/1.1 200
OK 18600.jpg
data.www.tndeer.com/avatars/s/18/ 8 KB
9 KB 1249ms
286ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/18/18600.jpg?1605905804
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663b6ee7aa492eb9f52fc2e27854323d8a9c13bde3989a011495c60c5b9c164b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:54:52 GMT
Server: cloudflare
ETag: "a03f517bbc287c69579cbe8ebb36ceed"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6e0c0939ee-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 8563

GET
H/1.1 200
OK 16465.jpg
data.www.tndeer.com/avatars/s/16/ 2 KB
2 KB 1419ms
724ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/16/16465.jpg?1608297438
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3a5247c27c9025fb8e2c12b2cd77255c02822a26fa26a90c7ffafa22082a3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:56 GMT
Server: cloudflare
ETag: "11d8a929bea9b4461fd58e05b46c7002"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6c5b4f1cbb-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1841

GET
H/1.1 200
OK 1977.jpg
data.www.tndeer.com/avatars/s/1/ 4 KB
5 KB 330ms
296ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/1/1977.jpg?1607700861
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74f6f03c83fa50f72399c46ffcda3b717020a83dc1ebb4ded1a711df85a5b7ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:55:41 GMT
Server: cloudflare
ETag: "c65036c9ed8e8191e5926ed0f9eabc30"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b662f3b65bc-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 4315

GET
H/1.1 200
OK 20193.jpg
data.www.tndeer.com/avatars/s/20/ 1 KB
2 KB 1282ms
876ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/20/20193.jpg?1689561848
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df2afa7f9ac0ccddd8df9153c81b19dadce393bca37a4052ea65a9f18aa673d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 17 Jul 2023 02:44:13 GMT
Server: cloudflare
ETag: "7a79d8f7fb29bc13062e68983c628c25"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6a88879268-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1358

GET
H/1.1 200
OK 5758.jpg
data.www.tndeer.com/avatars/s/5/ 1 KB
2 KB 1020ms
354ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/5/5758.jpg?1603833928
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30fbbb674b9b7ca70ef66cbcf6b67a0a9b500d41220f8128ff73982e70207e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:57:47 GMT
Server: cloudflare
ETag: "eef217aca37fb0a217c60844297a8d24"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6c2f865d7a-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1271

GET
H/1.1 200
OK 8950.jpg
data.www.tndeer.com/avatars/s/8/ 87 KB
88 KB 729ms
696ms Image
image/gif 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/8/8950.jpg?1700666968
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db577e4c4f984cbe2540c61503b7af34f55d99c47faf0949c717261b761ddf37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 22 Nov 2023 15:29:44 GMT
Server: cloudflare
ETag: "e5b32ee52499e5eea5d376c40e0f5af4"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b662d3b9268-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 89337

GET
H/1.1 200
OK 5740.jpg
data.www.tndeer.com/avatars/s/5/ 1 KB
2 KB 962ms
555ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/5/5740.jpg?1694834519
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c7135ffd3e35b2202aa38f64113c71354f14bcecfdafb8cfd706174a96a2f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 16 Sep 2023 03:22:03 GMT
Server: cloudflare
ETag: "254e3fd82e8ebbc363f162922c9bede7"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6a8f1e39ee-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1487

GET
H/1.1 200
OK 3026.jpg
data.www.tndeer.com/avatars/s/3/ 2 KB
2 KB 1042ms
326ms Image
image/jpeg 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/3/3026.jpg?1630073974
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3502871ebebf767e2dd0ff47d71900de44c714070e83de2032bfb4d8fe2a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 29 Jan 2023 16:58:31 GMT
Server: cloudflare
ETag: "d982fdd63d96855825f6770d06c8ff3c"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b6c7d00994b-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 1628

GET
H/1.1 200
OK 12919.jpg
data.www.tndeer.com/avatars/s/12/ 6 KB
7 KB 1640ms
294ms Image
image/png 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/12/12919.jpg?1695998271
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef02844590d098ccffda3c82f39cd118f80164c4817421e421601773c90395d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:43 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 29 Sep 2023 14:37:54 GMT
Server: cloudflare
ETag: "aa4eee1699aec89abfb925cfc9f4bd7b"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b7068f6994b-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 6274

GET
H/1.1 200
OK 20060.jpg
data.www.tndeer.com/avatars/s/20/ 4 KB
4 KB 1305ms
659ms Image
image/png 2606:4700:20::681a:4e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.www.tndeer.com/avatars/s/20/20060.jpg?1692381488
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:4e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97641f2b665d07d6503a980d748f83b6f500f51976724a5c29a51db5a13f9750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 18 Aug 2023 17:58:13 GMT
Server: cloudflare
ETag: "697ab0c02a6f06cfcd7fa7689cd931cd"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 82cb6b69fbc265bc-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 4019

GET
H2 200 embed.js Show response
cdn.convertbox.com/convertbox/js/ 3 KB
2 KB 100ms
19ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com/convertbox/js/embed.js
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/31/2023 19:00:40
cdn-pullzone: 53020
last-modified: Thu, 25 May 2023 08:50:41 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"646f2161-c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: 3cf7052ef0646bee661bf2d06e5b0b5e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3

200

main.js Show response
www.tndeer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 363C
Redirect Chain

https://www.tndeer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.tndeer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

18ms
18ms

Script
application/javascript

2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b7b647f791867dc45411e8424b4200b20a6a8babb561988708465db36f0941

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82cb6b663f211d96-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 27 Nov 2023 15:31:41 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82cb6b660ed81d96-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 403 keep-alive Show response
www.tndeer.com/login/ 6 KB
2 KB 14ms
14ms XHR
text/html 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/login/keep-alive

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=c3573845

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66211caa8e447d49c64848441d600a2016cfea2194bfe8eb27525e891966b4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tndeer.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 82cb6b660edf1d96-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 82cb6b5edde0bb47 Show response
www.tndeer.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 363C 0
269 B 32ms
32ms XHR
text/plain 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tndeer.com/cdn-cgi/challenge-platform/h/g/jsd/r/82cb6b5edde0bb47
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
server: cloudflare
cf-ray: 82cb6b66bfb91d96-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK user Show response
app.convertbox.com/embed/ 0
367 B 444ms
125ms XHR
text/html 52.73.25.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/user?uuid=813db06c-812a-42f2-9ef5-7466214859c1

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.25.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-25-207.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 20
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 116 B
272 B 68ms
14ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region,timezone,mobile,continentCode
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a2b8c8b9fe0235f0bcd7a7cade8ef242b51391f40fbfb4e93259b96cd42bc683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 27 Nov 2023 15:31:41 GMT
Content-Length: 116
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 100ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11f3420a93d9aa6752a128166fe00e11476c29a7fe6c4f49814861059c9b1a86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30322
x-xss-protection: 0
server: cafe
etag: 295 / 19688 / 31079658 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:41 GMT

GET
H2 200 prebid-7.51.0.js Show response
cdn.adligature.com/tndeer.com/prod/ 265 KB
84 KB 388ms
387ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.51.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d09bb1405de1b788b1fc273e11b44c0fb9a9b7c207e299793c030bd4e59720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoPqhcyTYO_EyJtKOud0zN-1D069_WQetwp1HnCMHZEVivKQT4lg5HF1BVTat_3H7XoyYh_PNEmQQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 08 Aug 2023 20:32:03 GMT
server: cloudflare
etag: W/"d14476e96631a796567e54c71795cf04"
vary: Accept-Encoding
x-goog-hash: crc32c=B2lk5Q==, md5=0UR26WYxp5ZWflTHF5XPBA==
x-goog-generation: 1691526723038813
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XXUDSRt87g1yJ12NggI1dfUb1pYsofl0czoUygGcU7c5pAPZdPWshLAW0lVgFAPTtkhwZpGn9aA1qToMHVSgT62U81ATnUeIW2SQ%2B%2BZTCepzuxXsB%2FlL6g5s5N5T6sSqXgnTlGh9wziEyGCbRAp%2BoU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=900, s-maxage=300, must-revalidate
x-goog-stored-content-length: 270868
access-control-allow-origin: *
cf-ray: 82cb6b684d3a5eb3-NRT
expires: Mon, 27 Nov 2023 15:36:41 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 430 KB
135 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16745
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138013
x-xss-protection: 0
server: cafe
etag: 17202369310903786887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Nov 2024 10:52:36 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/387147/ Frame EBB3
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/387147/connatix.player.dc.js?tier=1

1 MB
296 KB

56ms
33ms

Script
application/javascript

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/387147/connatix.player.dc.js?tier=1
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7949df9ca0a3188509c8b87352e4be45a6a5fb6c07b15dfbd2979e35d932052e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
x-amz-version-id: tO27wMQTBQonCSK2AeCL1fowUjOW2Wxy
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 27 Nov 2023 13:34:11 GMT
server: cloudflare
etag: W/"06a5e0a360a4fa05d77d730bb78d485d"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 82cb6b697ea44d2e-FRA
access-control-allow-headers: range
expires: Tue, 26 Nov 2024 15:31:41 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/387147/connatix.player.dc.js?tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82cb6b68fdee4d2e-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 send_pageviews
us-central1-wrapper-analytics-prod.cloudfunctions.net/ Frame 0
0 175ms
128ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-wrapper-analytics-prod.cloudfunctions.net/send_pageviews
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 27 Nov 2023 15:31:41 GMT
function-execution-id: whr7183v2da9
server: Google Frontend
x-cloud-trace-context: 814db7454d54a0c316cd81da2c6d7d8c

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 162 KB
48 KB 53ms
15ms Script
text/javascript 18.155.153.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 03:03:54 GMT
content-encoding: br
via: 1.1 48fca78aec25689594f8d5730af7f418.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 44868
x-amz-server-side-encryption: AES256
etag: W/"d639888467d34e28bf15173204590f92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gRGKACvpj-JKLfL4vYQ_oVRNZPp0b3TwMTjXOYGer0gJIiDdUnp4eQ==

POST
H2 200 send_pageviews Show response
us-central1-wrapper-analytics-prod.cloudfunctions.net/ 2 B
145 B 138ms
138ms XHR
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-wrapper-analytics-prod.cloudfunctions.net/send_pageviews
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
x-cloud-trace-context: a0e24740d256aef35da68d9642d70983
cache-control: private
function-execution-id: cfxfk94l1gpp
access-control-allow-headers: *
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 37ms
8ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:41 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=117314
accept-ranges: bytes
content-length: 68444
expires: Wed, 29 Nov 2023 00:06:55 GMT

GET
H/1.1 200
OK mix-manifest.json Show response
app.convertbox.com/ 4 KB
1 KB 100ms
100ms XHR
application/json 52.73.25.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.convertbox.com/mix-manifest.json?1701099102
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.25.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-25-207.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: aea7e17f4010e12e77894178e1b5e1f35c65b7313868e1da18c198ed4e78f0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 May 2023 08:51:55 GMT
Server: nginx/1.20.0
ETag: W/"646f21ab-f99"
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 1016

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
311 B 103ms
34ms Fetch
application/json 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=254316

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-141-183.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Mon, 27 Nov 2023 15:31:41 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 52

GET
H2 204 sync
trends.revcontent.com/ 0
0 102ms
34ms Fetch 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.tndeer.com
date: Mon, 27 Nov 2023 15:31:41 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
604 B 510ms
169ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated%7Calways&rum=true&features=Array.prototype.entries%2CArray.prototype.forEach%2CArray.prototype.includes%2CNodeList.prototype.forEach%2CObject.values%2CPromise%2CString.prototype.includes%2CSymbol%2CSymbol.iterator%2CObject.assign%2CArray.from%2CArray.isArray%2CArray.of%2CArray.prototype.findIndex%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.values%2CString.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2CArray.prototype.find%2CArray.prototype.filter%2CObject.defineProperty%2CObject.defineProperties%2CObject.entries%2CObject.keys

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 15:31:42 GMT
age: 2312226
detected-user-agent: Chrome/119.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/119.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 19 KB
11 KB 82ms
82ms Fetch
application/json 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=254316&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.tndeer.com%2F&icr_url=&va=0&time=1701099101814&up=pc&bn=chrome&bv=119&widget_width=1220&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-141-183.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

630eec7ae1b7276f80f4f73ce4f66c77e851f79735e999dde4104e319c913388

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Mon, 27 Nov 2023 15:31:41 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 51

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 97ms
35ms Fetch 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-141-183.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Mon, 27 Nov 2023 15:31:41 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.tndeer.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
17 KB 17ms
17ms Script
text/javascript 18.155.153.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0077dda9560e1ff3171a016d7390330796612e54619094f5bafe6b5314e2eb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 08:25:43 GMT
content-encoding: gzip
via: 1.1 48fca78aec25689594f8d5730af7f418.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 25560
x-amz-server-side-encryption: AES256
etag: W/"96edb70e0b7f4125d0951702526f091c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xUqU0qQ8Ph9l8OANbo629aw0uEkhEldXVBLln9mrbj3tx_1TleF2dQ==

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
9 KB 18ms
18ms Script
text/javascript 18.155.153.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:16:28 GMT
content-encoding: gzip
via: 1.1 48fca78aec25689594f8d5730af7f418.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 18915
x-amz-server-side-encryption: AES256
etag: W/"5bfc015a2c2bfed2e72c706157a02719"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bG0JrTT42BObqSBaLxGROj1TqPiZ8ynsPoI0ljtLMGw3nD9gI0k1OA==

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 34 KB
10 KB 19ms
18ms Script
text/javascript 18.155.153.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.153.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-153-100.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d827fff167e3e0dd80812592a22621df80fda7610a0ed3a07ca49f94abe41e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:11:18 GMT
content-encoding: gzip
via: 1.1 48fca78aec25689594f8d5730af7f418.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:47:51 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-P2
age: 4824
x-amz-server-side-encryption: AES256
etag: W/"390f0052288a44789c8f6404c2523a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: G4OAun4iiMqS7KBPBfdaBQeq4TDzCOwlP1Z5uAMlk5m4CPTKhfTnTQ==

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 496 KB
154 KB 74ms
14ms Script
application/javascript 2600:9000:2453:6e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:6e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 913ed9985ccfa1581c12ace27af68e2b534719a4777e9c526f31b69f3bd1f3c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 15:35:57 GMT
Content-Encoding: br
Via: 1.1 107d9675170d96f52a4921f960f44e7c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-P1
Age: 86144
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 26 Nov 2023 15:35:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: 3pUNsjlOEe4au-Zm9msS-YP9JsCZZQHRh2NN0ZEU7mTh9DXIPxMQRg==
Expires: Mon, 27 Nov 2023 15:35:57 GMT

GET
H2 200 /
img.revcontent.com/ 1 KB
2 KB 55ms
14ms Image
image/png 54.230.206.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-3.ham50.r.cloudfront.net
Software: envoy /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Tue, 03 Oct 2023 17:55:57 GMT
via: 1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
server: envoy
x-amz-cf-pop: HAM50-C3
age: 4743344
etag: "a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache: Hit from cloudfront
content-type: image/png
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
content-length: 1351
x-amz-cf-id: 6Cq7Az6kkSRILDHV3Vw6RzzuRBzUzIzYSMQwpwtTR_nOluB3USnUrg==

GET
H2 200 795a02aecde80d5c65320603c05af1db.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 128ms
68ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/795a02aecde80d5c65320603c05af1db.jpeg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

Cloudinary /

Resource Hash

da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Mon, 27 Nov 2023 14:25:10 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 391934
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18291
last-modified: Tue, 19 Sep 2023 17:40:44 GMT
server: Cloudinary
etag: "cccba623fd66e8aa63515510f92791f6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uKxXpqlq2d2D3wtBBQ7v28jSqbjgTACHWQS0D58dvd6_BIxwxAoMLw==

GET
H2 200 f5b021fdd0d59bbd7aacd77a9c03daa9.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 75ms
16ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/f5b021fdd0d59bbd7aacd77a9c03daa9.jpg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

Cloudinary /

Resource Hash

78c2575236cd9a473547dd660c31112d35cadeadddeffb44b75f53732b89e231

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 19:13:00 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 505122
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12032
x-request-id: 4b1beecfb8db0bfb2215529701836c31
last-modified: Tue, 21 Nov 2023 19:13:01 GMT
server: Cloudinary
etag: "cda7d75ccd5297dcfcb5de067416f010"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: BPo0XkfyAKGqTtKdGJUsj9WTKT-ZDNUQydAYaTg74fGWfQxddzn19A==

GET
H2 200 2cca38cb3c97619aa3116753b4b2f3a7.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
12 KB 123ms
66ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/2cca38cb3c97619aa3116753b4b2f3a7.jpeg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8e7d306c3057d700ef8afb2306b2fd1bb817e270e84ffd03662c94690eb51dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Wed, 22 Nov 2023 13:51:07 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 438035
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11318
last-modified: Thu, 05 Oct 2023 14:38:00 GMT
server: Cloudinary
etag: "0804876b1601aff6eb1c20f35c0a3419"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GYcXcTtl_RjprQXQnJ76K0f_tsNTkXbHYtcg4uxPNQAgrCrRWmueZA==

GET
H2 200 b66ad0b06025624e217af299a5ac3cce.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
11 KB 122ms
67ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/b66ad0b06025624e217af299a5ac3cce.jpeg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

9f0a80b3291b7d696bf6cdd72d218a575ab728001bce13d3c17d62ae8aad0693

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Mon, 20 Nov 2023 17:41:12 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 604747
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10240
last-modified: Mon, 18 Sep 2023 17:39:54 GMT
server: cloudflare
etag: "b7b6a907c1550d97b4b99ce49d82f456"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 8258ccd60d4056ec-IAD
timing-allow-origin: *
x-amz-cf-id: gLOBFsmmYWvpJsTzdjnnAP3zAkxj4m1ZWhUd97MxxbT7LInRT9lRZg==

GET
H2 200 e9d15e038e1573e2ec3c7e1fbd2b7dc2.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
16 KB 72ms
18ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/e9d15e038e1573e2ec3c7e1fbd2b7dc2.jpg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 24 Nov 2023 08:54:34 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 283028
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15421
last-modified: Thu, 16 Nov 2023 13:56:45 GMT
server: cloudflare
etag: "8bb9b05bf92b6d4db74c4a4145b182ef"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 8276abebdb1581ac-IAD
timing-allow-origin: *
x-amz-cf-id: uQpUn_A1bStClv65HNl5K-iBlqY7nkBXGe9JHhO9x6Dmgs6jKAKTQA==

GET
H2 200 f7dd50a42f055307bf693c688f415fe5.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 17 KB
17 KB 83ms
31ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/f7dd50a42f055307bf693c688f415fe5.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

Cloudinary /

Resource Hash

30df7aa36b3c479c5a54321bfd65dd05ec84751d57ca9ac105a739663142146b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Wed, 22 Nov 2023 08:39:32 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 456768
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17181
last-modified: Fri, 01 Sep 2023 19:21:46 GMT
server: Cloudinary
etag: "115e154cb8dc5864673889e184c9a62d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wWGN2CbJgBhji9XFP1rlBUqD2gPiOhrynE-zxhC-2UT4lkpkXRX79A==

GET
H2 200 cdf67154798492837d9ed31ab2928594.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
13 KB 63ms
63ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/cdf67154798492837d9ed31ab2928594.jpg

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29ff5b61d67b04b502567f7506887bd05acc5f80071ae1857dec19b4701eda79

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 24 Nov 2023 16:53:00 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 254322
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12422
last-modified: Thu, 08 Jun 2023 15:27:00 GMT
server: Cloudinary
etag: "d312ee92e0cc1dcb0592e166e70efe24"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: UoeBhQ-iirdUWmkMznHez-uHWd25XJLzUfKJpueliql8ALf7oh-C9g==

GET
H2 200 61487c805108f6-82420623.webp
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 11 KB
11 KB 63ms
63ms Image
image/jpeg 18.239.83.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/61487c805108f6-82420623.webp

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.83.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-83-111.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

f091a905809fb7d03b500c2f625fe8c2cb16fe04a2fd40b9712ac16807f29387

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Wed, 22 Nov 2023 11:29:32 GMT
x-content-type-options: nosniff
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 446561
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11048
last-modified: Thu, 08 Jun 2023 15:26:58 GMT
server: cloudflare
etag: "3616927dc22489c176750731a4fe408c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 8267276dab069c2a-IAD
timing-allow-origin: *
x-amz-cf-id: nBbq9cLiSJ7LDl2s6V2s_ZT40oHKW5VsevwSy8f1NEXnqvSrHmOR4A==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBRKLEJKHZ&gtm=45je3b81v9106472506&_p=1701099100256&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1137215634.1701099100&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1701099100&sct=1&seg=0&dl=https%3A%2F%2Fwww.tndeer.com%2F&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&en=scroll&epn.style_id=2&epn.percent_scrolled=90&_et=3&tfd=2096
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK get
idrs.adtelligent.com/ Frame 0
0 126ms
36ms Preflight 62.149.0.74
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.74 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-74.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: OPTIONS,GET,POST
Access-Control-Allow-Origin: https://www.tndeer.com
Connection: Keep-Alive
Content-Length: 0
Date: Mon, 27 Nov 2023 15:31:41 GMT
Server: VertaMedia 1.0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tndeer.com%2F&domain=www.tndeer.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 27 Nov 2023 15:31:41 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 195798
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK get Show response
idrs.adtelligent.com/ 65 B
445 B 107ms
34ms XHR
application/json 62.149.0.74
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://idrs.adtelligent.com/get?gdpr=0&gdprConsent=
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.74 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-74.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 64405e8eefca66616fb66cf9f569fc442ba15a5f2986f9f92b1d5b9288d15282

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Mon, 27 Nov 2023 15:31:41 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 65
Content-Type: application/json

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
267 B 153ms
18ms XHR
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.tndeer.com/&tl=https://www.tndeer.com/&nf=0&rt=true&v=7.51.0&av=2.0&vg=advpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: 0432a8c739161743aa1044a11fdc34faa6392538049c6edd076ec6938a49b86c

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tndeer.com
date: Mon, 27 Nov 2023 15:31:41 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 45ms
15ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.tndeer.com%2F&domain=www.tndeer.com&cw=1&lsw=1

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.51.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 180399
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 136 B
416 B 72ms
17ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/tndeer.com/prod/prebid-7.51.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

fe812aab4cb12c1074617d56963eedafc816f1d73b36a619ef887833d808d01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tndeer.com
date: Mon, 27 Nov 2023 15:31:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 op.js Show response
tagan.adlightning.com/advally-dildymedia/ 47 KB
19 KB 511ms
450ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-5.13.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcb3a9431473b7910939fa3fc10af410097b0f09db38a549512a03f4fd8c997f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: flpo1SWCtq5fZF0sHKIBcMt8xVAagxeN
x-amz-cf-pop: HAM50-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 18779
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 27 Nov 2023 14:10:06 GMT
server: AmazonS3
etag: "27595d6a836bb6ce09dc599c056e8c6a"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: GpHmh7wJ7ZvzJG83ZYLPS_-8H-Bh8ya4TFWLVy1nNK1zfKPm4VpiFA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1939ms
1938ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CBottom_adhesion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102040&lmt=1701098928&adxs=436&adys=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3Dadvally-adhesion-slot%26rand_key%3D81&adks=630080174&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6887055bb9eadc4d50742ed8a4ece69474937e2a423900644d3cbcd06f8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12713
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321856
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
16 KB 1137ms
1136ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CTop_Leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102045&lmt=1701098928&adxs=862&adys=7&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=728x90&msz=728x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DTop_Leaderboard%26rand_key%3D81&adks=241676502&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bd698b8eefa2aa6b874101dd009d3ccb2459c80a605d210d44c9f343818c361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15876
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
16 KB 2949ms
2949ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102046&lmt=1701098928&adxs=30&adys=494&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=1220x125&msz=1220x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DAdvallyTag-tndeer.com-728x90-1%26rand_key%3D81&adks=7580803&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cec7550d36bbd2a1bd71e990b67911121ddabac57d2e4608d687c48ee14481a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16001
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 350ms
349ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102047&lmt=1701098928&adxs=30&adys=1417&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=1220x125&msz=1220x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DAdvallyTag-tndeer.com-728x90-2%26rand_key%3D81&adks=2164342767&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9956c3649fb7b80d4ffbb0f8ed651b9dbc4f5f8b4335c874d64835a6d17e6aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12356
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321835
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 813ms
812ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102048&lmt=1701098928&adxs=30&adys=1907&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=1220x125&msz=1220x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DAdvallyTag-tndeer.com-728x90-3%26rand_key%3D81&adks=979018163&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c6dfed624e6acf831c5bc6bf1cf8ffe681c066bf5cf971e0d1a2bc731d0d0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12344
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1721ms
1721ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102049&lmt=1701098928&adxs=30&adys=2533&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=1220x125&msz=1220x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DAdvallyTag-tndeer.com-728x90-4%26rand_key%3D81&adks=2889762482&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e74523435569a88cc1e56ca8bc8002e0d77273d9844ee715e2276a82f97a9c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12353
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321223
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1639ms
1639ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CInline-5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102050&lmt=1701098928&adxs=30&adys=3301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=1220x125&msz=1220x-1&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DAdvallyTag-tndeer.com-728x90-5%26rand_key%3D81&adks=3153824805&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

766846626c148cf45c1fd06e2422a0b0cc779f7e40cd6ceb270ed645d6dcc26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12355
x-xss-protection: 0
google-lineitem-id: 5851559898
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374321829
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 2541ms
2541ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CSidebar_TOP_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102051&lmt=1701098928&adxs=1260&adys=258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=310x0&msz=310x0&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DSidebar_TOP_MPU%26rand_key%3D81&adks=2734032360&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af2566d6610a2f159ef090099a5111f923f385699156c16acbdeea98ea8f248d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12303
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 2157ms
2157ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1392872817795943&correlator=4345632387085685&eid=31079658%2C31067357%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=1005876%2CTNdeer%2CSidebar_Bottom_MPU&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701099102052&lmt=1701098928&adxs=1260&adys=1282&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.tndeer.com%2F&vis=1&psz=310x1&msz=310x0&fws=4&ohw=1600&ga_vid=1137215634.1701099100&ga_sid=1701099102&ga_hid=153705681&ga_fc=true&dlt=1701099100111&idt=1411&prev_scp=advSlotName%3DSidebar_Bottom_MPU%26rand_key%3D81&adks=3275158994&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0909dbc26f47af7b16995e780171b18fa4c6c2ddef7acdba5a5e341f86beeae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tndeer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0140 6 KB
3 KB 126ms
62ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
595 B 542ms
136ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=wDHBeByQJEZmkKqwVnJEHCVaZFJDSmhg-FE7fPshldVrrKD4c03zIFUjD-E03BPc1maVvnMQ==&pm_ct=14347892e37237b11cd95a33&pm_pl=1701099102073&pm_td=7&pid=1000177&en=1.1&callback=__pm_glbl_1S7zRll7gDlE64im3MZELvwk._gc1&tt=opt&v=a6bb4ea
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 45e6a059898dbd05c593df541d6eaf5df48c1717c39acf82d8a9870d9ab038ea

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 15:31:42 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.tndeer.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 33D3 73 KB
25 KB 15ms
15ms Document
text/html 2600:9000:2453:6e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=a6bb4ea&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:6e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 71303a8437ca4348303e7da30bb941cae07ff524606986b98f035d8ff27d783e

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4825
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 14:11:17 GMT
Last-Modified: Mon, 27 Nov 2023 14:00:56 GMT
Transfer-Encoding: chunked
Via: 1.1 107d9675170d96f52a4921f960f44e7c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: moCGais7crn5xreiPSTi3eN7kwnI9iGi89r_P7XSWptwEFy4pODg6A==
X-Amz-Cf-Pop: HAM50-P1
X-Cache: Hit from cloudfront

GET v1
lb.eu-1-id5-sync.com/lb/ 0
0

GET
BLOB 200
OK 37948699-64e3-423c-956b-836b66e9b99a
https://www.tndeer.com/ 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tndeer.com/37948699-64e3-423c-956b-836b66e9b99a
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
BLOB 200
OK 9243229b-cdd6-46ef-b808-b70a20ba2685
https://www.tndeer.com/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tndeer.com/9243229b-cdd6-46ef-b808-b70a20ba2685
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame 33D3 0
564 B 24ms
13ms XHR
text/html 2600:9000:2453:6e00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?v=a6bb4ea&pid=1000177
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?v=a6bb4ea&pid=1000177
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:6e00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?v=a6bb4ea&pid=1000177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 14:11:17 GMT
Content-Encoding: gzip
Via: 1.1 107d9675170d96f52a4921f960f44e7c.cloudfront.net (CloudFront)
Last-Modified: Mon, 27 Nov 2023 14:00:56 GMT
X-Amz-Cf-Pop: HAM50-P1
Age: 4825
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: Z6eMUp5i3ryuWE6kTj6chYhHoLpBDTgqvlSvY7fhsPwnspOQBkdx4A==

GET
H2 200 embed-core.js Show response
cdn.convertbox.com//convertbox/js/ 519 KB
138 KB 19ms
19ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com/convertbox/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 10/31/2023 18:59:57
cdn-pullzone: 53020
last-modified: Thu, 25 May 2023 08:50:41 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"646f2161-81cb8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
cache-control: public, max-age=31919000
cdn-requestid: 5cffe770ee7a5765170d7ffc5edb3b8a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 bars-preview.css
cdn.convertbox.com//static/css/ 114 KB
15 KB 61ms
61ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 18dd7e18ad05cb33ee6730c5cfe190b0eeb8dc6926130df15bd634b2a7cb94a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 10/31/2023 19:00:14
cdn-pullzone: 53020
last-modified: Thu, 25 May 2023 08:50:41 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"646f2161-1c694"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0efa3f5e-1cdb-4f24-96b0-16bfe6c0cf31
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 6c29b4fbfdbcb4c5733d313e25cc558e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK box Show response
app.convertbox.com/embed/ 134 B
471 B 159ms
159ms XHR
application/json 52.73.25.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.convertbox.com/embed/box

Requested by

Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//convertbox/js/embed-core.js?id=d52f4c09a24bf2889838

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.73.25.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-25-207.compute-1.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

4410bdbb21d2f1f8e1b8765df9dd205506412301a8588e1c90967e98588416a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryEXIt77ctIHsULBBh

Response headers

Date: Mon, 27 Nov 2023 15:31:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.20.0
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 131
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 107ms
33ms Preflight 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.tndeer.com
content-length: 0
date: Mon, 27 Nov 2023 15:31:42 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 106ms
32ms Preflight 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tndeer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.tndeer.com
content-length: 0
date: Mon, 27 Nov 2023 15:31:42 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 33ms
33ms Fetch 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.tndeer.com
date: Mon, 27 Nov 2023 15:31:42 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 33ms
32ms Fetch 18.200.141.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.200.141.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-141-183.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.tndeer.com
date: Mon, 27 Nov 2023 15:31:42 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

GET
H2 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DAF 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5DAF 24 KB
7 KB 80ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5DAF 151 KB
52 KB 143ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

011be7f5755a0c6d8620996ce48883393f6441cb58c177c38849765451d5e927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Origin: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52764
x-xss-protection: 0
server: cafe
etag: 13769290128526193205
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DAF 202 KB
64 KB 96ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:42 GMT

GET
H2 200 css
fonts.bunny.net/ 25 KB
3 KB 74ms
21ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Mali|Caveat|Lato|Lora|Montserrat|Open+Sans|Oswald|Playfair+Display|Quicksand|Raleway|Roboto|Ubuntu
Requested by: Host: cdn.convertbox.com
URL: https://cdn.convertbox.com//static/css/bars-preview.css?id=bcd08c616f2a1e4f6182
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: e001977ff2382c9c29eae2d01312840836eb92f86c24a45e5fe76e1d23f2fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.convertbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-cachedat: 11/01/2023 17:05:04
cdn-pullzone: 781720
last-modified: Wed, 01 Nov 2023 17:05:04 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: cf8f37b4fdb75c4a70bec1c2607c95a6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ 82 KB
31 KB 20ms
20ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mK2qX6s9M_saz1m3NhgqvFIfyUxI14yTYXurcYq4QJGlu5f0uMhWVg==

GET
H2 200 bl-cf1706d-4d8a3280.js Show response
tagan.adlightning.com/advally-dildymedia/ 57 KB
24 KB 34ms
34ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-cf1706d-4d8a3280.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:21:04 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: j9yxSwjZKq1vfy14YBuPA1dxuvFSY2Mr
x-amz-cf-pop: HAM50-C3
age: 4239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24530
x-amz-meta-git_commit: cf1706d
last-modified: Mon, 27 Nov 2023 14:09:53 GMT
server: AmazonS3
etag: "3916a039d6dd2ca5b64d1892b87cb608"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GwmD9PsLZ4BuoOotK4_LHuLSa3NDb4w7d8kc4y4PMFvR55Wx0qjCsg==

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DAF 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIrJQZxfeZNhg2tSAnFRIfY8eeD7pHde6_dcuyi2rWuGccs__FgjD225aw6LxCyxIS94h3II7RXWIPNqqFGOvf6LCQGbnFS502E2KB4nlcbx9tt4MZthEBOuOIf4gydA4iULcy-_wE4iZZYJwXUzFQqNiS23abRtOvegq38gcLjzX281FQ6lYsqW7LQAA-tFmdD_EUi_K7_qc_D60uTnCXsqM3UZOhNY-h_i49EueY9uNoY0l7Dcxzu27Oco7XwceSE15YagowkPDmQPr_Ivk3d9m--HPbw8x-5Kd5pSsq3q0Y90c0_DDKTELWXXq4ESpTyxA4fW3AA7G4XblNQQtM-4KhVma90rv1nm4Q&sai=AMfl-YQo3bL64_veESBcaDMARneTQ3VcFWWWIfmA1-nYZf8ysIDkSliw-uiHqdd4ZlfXvGIzxD8MEHpQDIMlIPEkW9fsmLSuI1gaoQU9tSCa6dELHwsL9gX3jhXaAYEbY5oNmHGso7mFUbZ-H6vT3s0QtIQ&sig=Cg0ArKJSzF40srXL28PUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:42 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 134ms
134ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=wDHBeByQJEZmkKqwVnJEHCVaZFJDSmhg-FE7fPshldVrrKD4c03zIFUjD-E03BPc1maVvnMQ==&pm_ct=14347892e37237b11cd95a33&pm_pl=1701099102073&pm_td=593&pid=1000177&en=1.1&callback=__pm_glbl_1S7zRll7gDlE64im3MZELvwk._gc2&tt=opt&v=a6bb4ea
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Mon, 27 Nov 2023 15:31:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ Frame 5DAF 397 KB
134 KB 110ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079756

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3da7ab822d0d7628b49dc629d4ce9a9ac0dd985f4e4e14b92a09ff92e6325ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137295
x-xss-protection: 0
server: cafe
etag: 9049121179128388952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:42 GMT

GET
DATA 200
OK truncated
/ Frame 5DAF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43212842f704bdb959365fc06396f755696c934ad183eab4f1163421bb196126

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E5BB 9 KB
4 KB 48ms
13ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:04 GMT
etag: 16674218716276178799
expires: Sun, 10 Dec 2023 16:18:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C33A 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-cf1706d-4d8a3280.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C33A 57 KB
24 KB 19ms
17ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-cf1706d-4d8a3280.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:21:04 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: j9yxSwjZKq1vfy14YBuPA1dxuvFSY2Mr
x-amz-cf-pop: HAM50-C3
age: 4239
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24530
x-amz-meta-git_commit: cf1706d
last-modified: Mon, 27 Nov 2023 14:09:53 GMT
server: AmazonS3
etag: "3916a039d6dd2ca5b64d1892b87cb608"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qfITPCt1h9j9R5kTnYKZDdyJQV3A52q5TsNrrbe-EGIubmLZPRhkdg==

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame C33A 82 KB
31 KB 23ms
21ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sPLjABjHTszoAbab36LiluvTxl0K4Kr8pC1akNtCSz1TYtrGyDhLSQ==

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C33A 24 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C33A 150 KB
52 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3958d21c3bdbd67d11232dda9f24c0df7335a6235c00bfb3b569cffad39f25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Origin: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52741
x-xss-protection: 0
server: cafe
etag: 8751626244909210585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C33A 202 KB
64 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:42 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A2A 0
55 B 290ms
289ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102706&bpp=1&bdt=238&idt=297&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&nras=1&correlator=4196359418440&frm=24&ife=3&pv=2&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.nec7blv4krw5&fsb=1&dtd=305

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9362 27 KB
13 KB 662ms
654ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88727cf9f6779c276bb3f021ae78aa7e3adcb117de3a206e1388c4f69138e17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 12930
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C33A 0
0 56ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuldzrP9_z1kcpx56HW0tQGQVrSfX_SjgjAFXoJ-3lSblckw6KMabPYaRIgKJ3_v_HOUKI-aB9bWoBbcq_s794R54_soYNDC4sw0Z-spyWimNwnbWRY4iQhSXTOQ5YPyrjMN9Lk3aiCtIlSX9j66zO4iFoerjtUIUsYrFpuz-wTiHBr7cSiwtFdxov4yqiBMLmdnQXvqnJwQoSKunSvZBYjKdH4U8rDG87nZyR_5ZzrzI_wozKrm5W-QlBlVwghc--KeqWu0wkhpFwCk89qIofW0o1qRW9GWcU_HEna6gxg8YtO_UmUmjn3ZoTR3g4fT8ywdHtp2rUzFVt30y28AH2z0ULs1czw3Avhki60&sai=AMfl-YScR5nSz3DQ1Auh4eFEUYRJK4Z34LH19VGg_3bKhhGhH9vUtqsYPXo-114Z0diBjygjSNUBHMz5fNNKUxAlG4c84bbXzkprTBFmkcSuzSF19UsqzGbDv-fMMXOP59sqW277E1Y27DirKvGQNimPSw5a&sig=Cg0ArKJSzLsDb3yEOk0oEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame C33A 400 KB
135 KB 76ms
73ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079653

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c8c1e1ec7036605b85a647b52935bfa22451a8a0569334d4ca63a8bb25cbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138531
x-xss-protection: 0
server: cafe
etag: 3098808931870650737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
DATA 200
OK truncated
/ Frame C33A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5106524f7a1ca62f280232547317aa33adc1542d6cbca8ac2003514dabb1cf2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 70CB 82 KB
31 KB 19ms
19ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UTkGDQz3QdTsERd_2BfKTR8o282qNc5rIfSXF2osyrJtozVSgGdCsA==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 70CB 196 KB
56 KB 110ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 213163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 70CB 15 KB
5 KB 139ms
43ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 323023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 70CB 95 KB
29 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 222253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 70CB 5 KB
2 KB 145ms
49ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 235637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 70CB 40 KB
13 KB 146ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 318131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 70CB 14 KB
2 KB 122ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 14:57:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 70CB 2 KB
2 KB 15ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:14:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40662
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:14:01 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 70CB 295 B
319 B 14ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64505
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
DATA 200
OK truncated
/ Frame 70CB 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 70CB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cea69a4c170f5d1b929e98592b90b6fd361fff660c55dfe56ffa3cef40901ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5562 0
16 B 266ms
262ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103116&bpp=4&bdt=168&idt=185&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5322776173912&frm=24&ife=3&pv=2&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bpzya1ps4ci&fsb=1&dtd=199

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 798E 115 KB
40 KB 690ms
687ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75972da54189e28b01a88745c0a5c7e7bcdeb0dc9bec9b6f140f3e1231f9697f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 70CB 33 KB
34 KB 80ms
24ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 541345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 70CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

34ms
34ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 70CB 0
0 56ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1pOIXrZkZaesNO3G9u8P55-0mAT-z9ykdOuihM7-EdrZHhABIIekzo8BYJUCoAGN4OzhA8gBBuACAKgDAcgDCqoE-QFP0O7yxKLmht1Baz8VLNpz5_8cfjdjBjFpMWgg_qlLCQ3e5Bp8pjev5lO54EtBXT2qL6DxIDiUmOCiFyGxeuLy-ZNt-C6XrIYoFTW3-p4IqfdFvolh1M9xm3ExwZISWgRvGPloApUDlk_trtSSidzmSHEil4ISheR7sCqUR3kLLZ-iE-qvvPuKrfau4VHoG7yiuIPb3HwaFUVfQj2m1Oush8nkmloUtS8TQW_7UGEpYFJKLej3CnswI54_oNLMqGu6phBSkZ6PFMgz1i9jukRdxntYjOK0K3t3JLNa8H9YTvfZn_Pb2mpU2hHKK_am7CTTpMaLPtZ-jS7ABLv_wKzEBOAEAYgFwOyyr02AB9ufkx6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDU1QTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkVaHR0cHM6Ly93d3cuZGVjb3QuY29tgAoDyAsBogwQKg4KDOS0sQLutbECtbixAuINEwiOwtT9v-SCAxVto_0HHecPDUPYEwOIFAPQFQGAFwGyFx4KHAgAEhRwdWItMTk5MDU0MDM4MjIyNDc5NBiE7QU&sigh=DVfI981QMZs&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNXAIAX77uS4xnwWQVt8_W9rhksK9V9zgnz54vE_puJvMQ9qVlSjpG6yC3pzhfvetOxYmxQfwJhXmQWl8C15ocDBAESoBhE6YwuRgB&template_id=492&cbvp=2
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DDD 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9362 42 B
63 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DETu5SYVooj6IpxutJ5tLBnNJWPh32BzbxVI08l3YX_tbNZYtio1Gf0Imc-yF0MMbp1_Yp0XfaN4vpVRP1rDqjYUZbk-otSBS2sDOtbnlFYeTpmXk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9362 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=708884208565407251&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9362 89 KB
31 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9362 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 13:27:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9362 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9362 0
0 22ms
22ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnfK16qm6Iyq2FQH_rcylo-aFEWRJkjppFSBmT0Sc0GUvpAh-aHraxEaJruYulbYjknDhvq9qQgsXQCK3YbUeTCb_N2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9362 202 KB
64 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6AF6 624 B
245 B 65ms
64ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUiuyz2SNKi6lhXfU5D0p221F4FUa04coQfFg9EwAs8khmeLPTmamW1asa201F7QMLWVPG23tQUjxRNG5HppTXmKzCAidEzag9cctMz60DvuHh0W8AiML4xnCiFynQoDdF0vwEeD_lqEkU6X9rPLZE-3f0c95-I43TCV0fQJ2SGe52zMeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:43 GMT
expires: Mon, 27 Nov 2023 15:31:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-cf1706d-4d8a3280.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 5DDD 57 KB
24 KB 22ms
21ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-cf1706d-4d8a3280.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:21:04 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: j9yxSwjZKq1vfy14YBuPA1dxuvFSY2Mr
x-amz-cf-pop: HAM50-C3
age: 4240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24530
x-amz-meta-git_commit: cf1706d
last-modified: Mon, 27 Nov 2023 14:09:53 GMT
server: AmazonS3
etag: "3916a039d6dd2ca5b64d1892b87cb608"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -lEQXFSkzfYACW_r2dOegmecox8d6b9UdAQD3wUX0vuxLd4p9w0ryw==

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 5DDD 82 KB
31 KB 17ms
16ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nL0Eoh6Lcqb-jGbwcvZGHPwkmRzLVRXCMqruK4FWgG7Q7P1jjsKZFA==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5DDD 24 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5DDD 150 KB
52 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4d7f033e4dda1d18a4adc9493929cede1f8baecd9b8173317e13a40fa8eb5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Origin: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52700
x-xss-protection: 0
server: cafe
etag: 9756417905378637977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DDD 202 KB
64 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 72B0 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1

43 B
768 B

27ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUiuyz2SNKi6lhXfU5D0p221F4FUa04coQfFg9EwAs8khmeLPTmamW1asa201F7QMLWVPG23tQUjxRNG5HppTXmKzCAidEzag9cctMz60DvuHh0W8AiML4xnCiFynQoDdF0vwEeD_lqEkU6X9rPLZE-3f0c95-I43TCV0fQJ2SGe52zMeI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1l7nRo6eotOqpapXYDUKY5oKUTojTDLf8SDG4sdTiJ7G5W3Vy%2Fcf92s3ZyA4px0HiayVRxebS5DJqmFo3isr26y0aiLTs55vsje%2Bj9GmwvYFa2v6Ve%2BQfQRWbyJZvkEocsn56Mwu%2FrGIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cb6b7779bc3668-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AF6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWS2X2TKbSXkEknC8i9fFwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1

43 B
741 B

30ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUiuyz2SNKi6lhXfU5D0p221F4FUa04coQfFg9EwAs8khmeLPTmamW1asa201F7QMLWVPG23tQUjxRNG5HppTXmKzCAidEzag9cctMz60DvuHh0W8AiML4xnCiFynQoDdF0vwEeD_lqEkU6X9rPLZE-3f0c95-I43TCV0fQJ2SGe52zMeI
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY4ZduRl1ldN6llR4W%2B2Kqk%2BMwzf7HItRm8sCjppo%2BDALhK%2BGwQ9BEBHLRJ7ITvD%2B1UF8l8SFDCbozDXfcd0s8uyfW9xeKlIn8U8LV%2Fa2O7YaLTBGn3K6eT%2FT8JqNISmf56RGlTIGGjdbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cb6b77da5c3668-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECYTEqZangSXhCO9id5XCrI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6AF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI3yX_COcPUrzNHX7ZswaNA&google_cver=1

43 B
844 B

9ms
8ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI3yX_COcPUrzNHX7ZswaNA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNUiuyz2SNKi6lhXfU5D0p221F4FUa04coQfFg9EwAs8khmeLPTmamW1asa201F7QMLWVPG23tQUjxRNG5HppTXmKzCAidEzag9cctMz60DvuHh0W8AiML4xnCiFynQoDdF0vwEeD_lqEkU6X9rPLZE-3f0c95-I43TCV0fQJ2SGe52zMeI

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
an-x-request-uuid: be23ff55-9cf8-420f-a983-9a36a9ee15de
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI3yX_COcPUrzNHX7ZswaNA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6AF6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3NzkyNTY0NDg1OTk1NDkzNQ%3D%3D

170 B
243 B

26ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3NzkyNTY0NDg1OTk1NDkzNQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
an-x-request-uuid: f9f79109-4f2a-45e7-be04-26c2c4375d9e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY3NzkyNTY0NDg1OTk1NDkzNQ%3D%3D
x-proxy-origin: 178.162.209.136; 178.162.209.136; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9362 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=986940961677&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9362 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=986940961677&version=m202309260101&ct=77&x=1&cor=708884208565407200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9362 20 KB
14 KB 316ms
315ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYX8hunJ0rqDmXlzXje2QyJLg9Tc6POLoWg72lRjabY4xcqaKOHvoxpZYEvbfF3u8m7tcs6DCVFvCOZ3cXUpN7TpOJzn-vG1KYtnqnx_XzLpTopdaK1McbxbiRlXd8vLt6XOJtqXdlI73252OZWBYbADMuiuJbaksYPQKcR3fWIqIY3sg&cry=1&dbm_d=AKAmf-CRyII0JFQGeV0rSUxREe4QH_DIAw7hHvr09sC1QWkC7K6BDmbE6HavXtCUuwsUYYvEpx0EeLqIq8jA-H5GqBhJgo1D_9u3ya2eHhBOQzwzRsm7-6CwMIG5W6d8fBo5mCaONnWANM18vtRbD0KWpURnjrii1yVEObbnDPELHKS5770B4WYuI4it2HeTaIRT5zbdK3cTKaVLFR3tNBsU8Dp3ffM6YXOVVY4d1kY6cmH3zx9AIlY2Pb79swubwfzaqFsJoDCdB79fenTSnTFLKvMyD6KlmwRE1KFjlc21g44P5astjllTbujOoMbXZGoFYzBToIHaJBLroOq069Lo1ORM8F6rKMp3_iCjfmPX4jC4SZZjhuIqy4nj0a8uLCSrPhfeOcpDbckvlKe-DHzt4T7l7KwCMsvukTafxDcWGcbRiL0Vj4cJ7Fxo0GXuZSLi9Z7hxtzY-uDqA1c4RTZVEFusFU2HXkhC6RCDf3r1gYOW3BJEvJZeA29riqZJS_HQHSEdJQt9aivj4u5SiMX_VkU0ScN0i4pMAsQh2CRMViHRMjmpU7WB4tDUqpVO51RYjOAK8cN1qx80c1-mUkq-zS9qqGcQz0p4L37UdOREd1DiHglXQIzCECLMOb8iU_5ErvXqRvGAiyQDj2NdaWuEbVaV98W-EUFkdF4i4Cu-2Q_-jCOLhk27yyypz-9jEFMqF3uZ6J_JWHMUHLaZnMMV6K-Pg-RaA47acDC775N9u660gX4lqHiWaDpjUpd05vqoQqr5omGlyhzI2RRqHSDOCZRN5tCqy0Thz69qMYsx9zNdMJqbfMXwDE12gxcYLO836E8_5lFZherJCVGFUlbAAicZfzwdQlmdViwJfLb6WjYlAXQkoz-mcASQ4dsei2B9BduQkJtypPpCl1iKD3QFQIl1odj2QpoyuVgIs5OsgIgG3aHBr5KFtAkl7x-WNApsUis6d3Sr4DnsUZ0s-A9iv28Zl8oOQONXysdPoUlqAdw0hdyqoWN7PjlOQATEvO_0fom_OIIXihkRRAI7iRouZlDWHG2500Xi6vOktkBbtOaMyzOncA_-utX0v8tIUpujkxmHuHtYMmWrytd-i3WR-TpYBon5LXTT7lh-8Vc2FsmgCzj_UhyjMpOyFkCPr8dls0lUBVjLKnppsleTTHd1zvy8B81VgiVg_ZnFFuZuMjkxGuBtAcFWx-dX383crkSXzEtUhSqCrFVg803wpNzw0tp0Sk_ofZX0PB67WGljTuHE2_LthXubewRiKeVdKkZ_aHLcL2d2VEgItS_jIFIyqWCIuTMZox-ScQwFwR8mxf_eBtOBv0a6WtK6J6gHw910epoUwJU6-mafwtDBfVV1aX0Kb1NIjq3Tlgi0hLWtOW5xIqqH2_BhVICv5QChnJa7es68g2fi7ss-CglXVMfndMB8MIUaI41nakWO6E8AFI2WzDlXNzBKsNpSEx0B7xIdz1tS1E7A0CklnTQQqpzasrZLrrJL4mT1_DXjM7OqSvL_XWl21skK4DF5yp4gaEI0cIptty7FoVJwEx5uLkb8l-d6unVAT1kzS2mKKYCat5mW_lsFtgLpEI2Ac7lo91j9SeC_-URBRAK9o5MqVqgxqpi8WmndkS0DpRoM4Tp79DaXb98bE-zRmvhy1Q6YRu0DQRwOuf1yiIl3xa7-yScZdp-ylraqLz7zvihpHjP4Lb2HxsE0kz2_NmD1ZEvPFUg8SZWoY4e5OUnrZARaI3B11hL-EkF8bQGeYnNDAmv7NDwExM0plIz_uJ7GE2wHvhTIckNw77gfJ1cLGEwEsiwYnBlKGzyq0TqiovFldF0Alp36ww3J7opROD6roIORVWCRGQ1Iep_NPxWAVn1L_sEsBRZo2v-GEr4Qs5UPNkired1ZuO0owPcrOW6HcgrmwrMo7b6vs0AwUD7yaBQk0FmlkjqDUwn-21U4vbugkgxTMlyyUmHDPMA_OsBV5WlwI1jFRp2t7IwM_MFp7Guavg63YbljVcdDXqxw49OcilcYjekk67loNQW0B7Y_PCrfW9HyI83Vq24p8cdPdb8PiUBog57_hik8g4YlvS4H0XQnFtfn0hkevibP_b7nS5rD9CmBCobRNeBm3N4LcQGQ8HnPrXunu4LJs3lHM9-xkx-yjV99WXUnDLeH2O5rP3tXW8UOaZ9Wfs0EKSG6whxvpuUr5VkNq8sQlzgDPGOSL0MyPDiie2pdWk1NeB7IIhCUoeL-RxyGsQxbAa0prHQp4yuw1i3HKfqKTJBB06au01XtMgOAY74hYOIabgS5csTT19Ylr9Uv0hw2prXT-uu2gvx2S4p_pn2VMOhmOxCmwYjAMkMKuTjxf_KKhzde0zWfstA0Bt8cdkqt8BJns_TRngpEXrEed8y0S4e9NIjdxCfFgYNk4N8EAGCwjsH-Td9NUZVv4E11OrOiuqGYB5x5JE1bdoxvbQrYE3AEieE7vHhwUxPADHEczwwFOqBVDQ5c8wnJ8TPRXkklx0g_zUdRpFZm7OVFu501uF11utkzxvVabcFA9ywVhWeNdz-gRLoa_lpbHNqdkHI2H6TWmnx4qNYIoAHDyZGmchv6xZ0RJLcQIaCUa1KBYQerP-5Nrc74HikfAkFFJynOWSzOCOsSwuxT5AWsu9oKGn_Vwn5Dt79Io2Xe4Pk9ihh4q9skpI77SO0DeMjULActHkbS6W2ZObiYWh2aEVX9hJa856yFRcQdlWtKOU-lJtSYl1hjjATKvcD4lRospyOuuXRrDXhH8aM1oT2_TBzg7Pt5uiOzt-d1mWVVRhNiFSWy_vntZ0X1p5fuHUATD_gAiThX0TSgxUnoMf2m4aiqYpkm3DxyPieF0NfIMRe3_8x8HMVBy9-PU9SrEKnoBxNi6bEnaDdtu3LsrOiKhHuU6pizqvpXyZ2y4MDEbdCxMLc5JDd9xI1kYsfTzJcgxfzvyxXVYHIsSmzKaNWrqalHyZz7v-T79dsJKOKEFtQP7tsL6yfb-AXi9iG9XKvrFV4z7f5mhSTeCDEq-q_cJ4vvgkxaI_xc3d0xb55HrQgIYBPI57AyPScGaeRxAYeVT12rUelCd6zZJ2YeOSju0MpwllH-N9Arohk34KSvstcmaZz5dssibXcXrM53aRXdlhH46B7APaKqnFcFI8agEyiS8c1C3HvGtIRhoxB3hyhM_cXcPZsj9k5kKu3A6M_0ohyjGEhLM7W3hNgJ1Yh4vJR61VZeyMVNDEan9LG8fSq9XY90kf_9YSBg4grcikYFJtrgm-kAiTw85O1S6WqopcI-NDBwt-O8UQTV1xZmd-nqf2yZTH0R9cpGh1GNdP6h-bgX7siq8Z1uy6gYXd42mnle5uSmYOaOzDXdRgV8oY_UFBqlsgY3RHbXca7z6AblrXoGR1c3CFTzrWYG0vgaVZf7Vxu1fT7CAE2D6NVZa16PKOzUv-3VpeDhSM6SgBpueJbb_Vr7nxC5IA1Fi8KOJJcLIdSJLpK1i4N4TcHkP4TTyY3War2xR03sS9O48-BgOfl2sE3io6DqDuhHymlap1t-uS1sr8nCYpH0uqdlXcTz05HS09LRw5rjtkigN9HQKaCFjLee37jPAORVBAOznpeefSW0Fcji1JAxUOJDdRhjitRxKv7GVRauE2k2REo0UNuzeRLxXGz5RUnSGbqsK6zJMBIKPllyskwlCn6XlBHtNzNAURtbKTkdPNldx5rTAGrz&cid=CAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.tndeer.com&ds=l&xdt=1&iif=1&cor=708884208565407200&adk=109667760&idt=75&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94de7406e41e81c415233788d66f21c5a22ebe1792154029f50a29109ead61f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bl-cf1706d-4d8a3280.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 72B0 57 KB
24 KB 16ms
16ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-cf1706d-4d8a3280.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:21:04 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: j9yxSwjZKq1vfy14YBuPA1dxuvFSY2Mr
x-amz-cf-pop: HAM50-C3
age: 4240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24530
x-amz-meta-git_commit: cf1706d
last-modified: Mon, 27 Nov 2023 14:09:53 GMT
server: AmazonS3
etag: "3916a039d6dd2ca5b64d1892b87cb608"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0eDK1_7WFUXa1uBa20dMTqRvZgl453gJt7YjkprXo8jvRo24GmrWrA==

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 72B0 82 KB
31 KB 19ms
18ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: McOkMP0V7NJqyXxqHu0TKLYaacOSQn_hwMpDnFEWbTEmJcjZed0bWQ==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 72B0 24 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 72B0 151 KB
52 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d908609db44dffd9ede2d752207cfe8d6868f3259bcea44fd7d0eea74a4b520e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Origin: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52761
x-xss-protection: 0
server: cafe
etag: 6639910944496500977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72B0 202 KB
64 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:43 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DDD 0
0 55ms
54ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJjrfD0Fa3T8NULPGjJhznYMXXt1HridcyBki32Ic9SvgP5CbuHLjoj08H2TBzvs4Gd2F4lxc3A-laTv23acR9BVXYXXj8NipfQBHX-LsrtS2Zeihm-LdXZMEUmGuHIiFNFxC_F3OEHO8ri3-MuvpAitNK2saGHJzbA7deD9wLYZRaWWFsuqeUXvd6j1Z0CgQScNLL59jiNuR574iePTARf53CLgxlHD69b-J17RrsBHWMVEVDPPs5BioE3CoW3rGTXcDjcensUmnCgmgZfg4DFIM-LO4aIE5kg9zTtHtD7wOzNBps1v3UpfsVbJB7830G70qk0zw4Z3Ni1B3pkrYcp7_52U6G1rU3gPTD&sai=AMfl-YT5WQo6fiazXi1c4fb4z4aNJQFgeciWuFl4BBg5rAwN-w_1pw1kmz73d4xuC2zXHrdrLm1IfvhKY-6gNDmhputzJFJbQnGxJ_sLYTiUknakfhniUovSme6CV5PZqQB2hE-9NUrG7oKrh6nK4ZwMjFFB&sig=Cg0ArKJSzMUu3Kxo5NxbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ Frame 5DDD 397 KB
134 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079654

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a23c9d2626cefeb8d2d8c1a19597f8a68211c272df78a64ffd893898b33a2b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137200
x-xss-protection: 0
server: cafe
etag: 2621486971453224519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
DATA 200
OK truncated
/ Frame 5DDD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e7c8bcec9a2fffd71a6e9d63e83a6461758b3209c7a161cca5f09b72a033ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 440F 6 KB
3 KB 16ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:42 GMT
expires: Tue, 26 Nov 2024 15:31:42 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72B0 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxMe_mFDR7rzTMAyOGv89EpvRNI5HD6I7b35MBNfE8HHuAXfA8_xvrVbnzvyN3TlXtYO6Obvi-wDtZqfFqGeW7-VbAMamdRpj7-za7kmS-M_NLkLdaewqWB3ctiQdwJAVV_o1kEGRgnn3RB1BLnwulMj5cJAW1CXKBVygS7Nn_8ys_4ECJcWazmbUoo0hYIrwoBykXPXyvriLG07fA0dV0Z5ub6iCdBhJHUlU_ms5pZ6L0CSOtQm-uoF8dw2gUEm3YLgkO9DQ1BjnqPC7D7Q-2VVgohAYuzAXVF24JuEeGiZ_y115-spG-dm4gWMoPcIy-rzqYPed62sQ6ed3OQ65sTXqk8RQUNzKyDPEb&sai=AMfl-YTMKTRr9bnkLVDHpKxoObnTRNIjgfBzZm5kM8KjrqLNXVRGMznxvMijo33h3aTg52vP6hDkzZcTcrx4ZuzMOhCt32l8kQtVcJBzzri_tE7T9cDt8QMIzSiY-zWiR-4BqfCBCvJaGAabuxQsN8s-Mhk&sig=Cg0ArKJSzK1_HhJgXXorEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 798E 14 KB
1 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 14:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 798E 2 KB
822 B 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 798E 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 798E 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 13:27:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 798E 20 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 798E 0
0 21ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSluGdQHfIPqzxRjMwMM7I-LeAoFcsH5znDCQJwj4f9o1GH6RMi8WeWwf97i-VoW8vePatAvPCm2CyzoF3en2TsBeKbEQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 798E 202 KB
64 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 798E 37 KB
16 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9466 143 B
166 B 26ms
23ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 729F 1 KB
643 B 15ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame 72B0 397 KB
134 KB 89ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079757

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21deb1667f7cbdce60b56a7e193c713fd3bb6e13a3feb038c947a731f961157b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137281
x-xss-protection: 0
server: cafe
etag: 9660591705008076770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
DATA 200
OK truncated
/ Frame 72B0 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 395173b4e81a86400000a80ec25d3c33f88369a1fd456b61a3bb4d31088af0c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bl-cf1706d-4d8a3280.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 440F 57 KB
24 KB 15ms
15ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/bl-cf1706d-4d8a3280.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 14:21:04 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: j9yxSwjZKq1vfy14YBuPA1dxuvFSY2Mr
x-amz-cf-pop: HAM50-C3
age: 4241
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24530
x-amz-meta-git_commit: cf1706d
last-modified: Mon, 27 Nov 2023 14:09:53 GMT
server: AmazonS3
etag: "3916a039d6dd2ca5b64d1892b87cb608"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3EkjR9yP-1oiR34g4dwNpu6h5ypErO2t9JQ2kd6FItWwvu2AvRGsow==

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 440F 82 KB
31 KB 18ms
16ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nYRaNPd_WQ14fHg6OzY5-T7g0U9x5w8VHjnMlvBmw3OvZzF8ehphsw==

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 440F 24 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Nov 2024 10:09:23 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 440F 150 KB
52 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1990540382224794

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce173931b9f0594fc8dcf527741f970184965bfa09a83d00eb491f94ee9378d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Origin: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52738
x-xss-protection: 0
server: cafe
etag: 15187919402290452402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 440F 202 KB
64 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
URL: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
DATA 200
OK truncated
/ Frame 798E 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e9f344a1e9f4ee7d963030a61fb3899d5385f4f7db6b4f95f11d72875a0a494

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 popup Show response
www.tndeer.com/misc/tsi-campaigns/ 65 B
301 B 310ms
310ms XHR
application/json 2606:4700:20::681a:5e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tndeer.com/misc/tsi-campaigns/popup

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=c3573845

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:5e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

1b6e32e95a93e8736f111d9d82a867680cba9554cb72a3e8bc29210fc6623bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tndeer.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Nov 2023 15:31:44 GMT
server: cloudflare
x-powered-by: centminmod
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, no-cache, max-age=0
cf-ray: 82cb6b78fc071d96-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ Frame 798E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae8bab72cfd5ae831f537aab2a86ce0426dea5c815d876be32fdc164a06b8427

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 729F 35 B
464 B 36ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmS7y_tTNVn0WEmx5aH3vjr4oeuYD6jIZu7RmcTUwIZzA90qNgOKysfiOnFCE5BbUBO1MmpsxMawtBSXuS7Ht_VrbByS9Ss1HQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 729F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvk...

43 B
424 B

191ms
177ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b7a5d1091ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 108
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSZ4E19AUWNGg177qoyZNix1ScUH2uHo6qt8wsASLzG7ILBlCL8nrRR-0m7svF47Kar1rEgZQGmK5XLnKv4D4dxNNaNmvkd8VU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b792ba691ed-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 729F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEP10tjPBySkuyYcaCv_hR1s&google_cver=1&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50vvKhPJETu7hP9il0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50...

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50vvKhPJETu7hP9il0

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT4N53aRCY-fFsO1IGPpqeT-VuhLHojkFBYUwOdQAsPs9V8UHj5Mo20FeVA9qnT-FeXgojI3UktnEY-X50vvKhPJETu7hP9il0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Nov 2023 15:31:44 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 729F 0
173 B 58ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFchZRubdSmeRnzF2dldtSQ&google_cver=1&google_push=AXcoOmS09Wpj6cw3nFrNsd4BHkm6y6UZ1fGMeVbT40tQ9ZS6pJm8YUEQ0R5FpvXeWtZl9mgaePSBc3iUZxCIRIzzB6cpuuD9jLCDruA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=9359037231&adk=4021856003&adf=3173046725&pi=t.ma~as.9359037231&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099103120&bpp=1&bdt=172&idt=205&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5322776173912&frm=24&ife=3&pv=1&ga_vid=840118297.1701099103&ga_sid=1701099103&ga_hid=535544271&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44809004%2C44809316%2C31078301%2C31079653%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1089709378602837&tmod=210997316&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.6u8grznkdr8c&fsb=1&dtd=208
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 729F 0
12 B 25ms
24ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiHAzEJsFnrsAQFFewGg2vtQTJem8MtzstcbJWSNcr3uqhj7x3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9466
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:44 GMT
expires: Mon, 27 Nov 2023 15:31:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9362 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYX8hunJ0rqDmXlzXje2QyJLg9Tc6POLoWg72lRjabY4xcqaKOHvoxpZYEvbfF3u8m7tcs6DCVFvCOZ3cXUpN7TpOJzn-vG1KYtnqnx_XzLpTopdaK1McbxbiRlXd8vLt6XOJtqXdlI73252OZWBYbADMuiuJbaksYPQKcR3fWIqIY3sg&cry=1&dbm_d=AKAmf-CRyII0JFQGeV0rSUxREe4QH_DIAw7hHvr09sC1QWkC7K6BDmbE6HavXtCUuwsUYYvEpx0EeLqIq8jA-H5GqBhJgo1D_9u3ya2eHhBOQzwzRsm7-6CwMIG5W6d8fBo5mCaONnWANM18vtRbD0KWpURnjrii1yVEObbnDPELHKS5770B4WYuI4it2HeTaIRT5zbdK3cTKaVLFR3tNBsU8Dp3ffM6YXOVVY4d1kY6cmH3zx9AIlY2Pb79swubwfzaqFsJoDCdB79fenTSnTFLKvMyD6KlmwRE1KFjlc21g44P5astjllTbujOoMbXZGoFYzBToIHaJBLroOq069Lo1ORM8F6rKMp3_iCjfmPX4jC4SZZjhuIqy4nj0a8uLCSrPhfeOcpDbckvlKe-DHzt4T7l7KwCMsvukTafxDcWGcbRiL0Vj4cJ7Fxo0GXuZSLi9Z7hxtzY-uDqA1c4RTZVEFusFU2HXkhC6RCDf3r1gYOW3BJEvJZeA29riqZJS_HQHSEdJQt9aivj4u5SiMX_VkU0ScN0i4pMAsQh2CRMViHRMjmpU7WB4tDUqpVO51RYjOAK8cN1qx80c1-mUkq-zS9qqGcQz0p4L37UdOREd1DiHglXQIzCECLMOb8iU_5ErvXqRvGAiyQDj2NdaWuEbVaV98W-EUFkdF4i4Cu-2Q_-jCOLhk27yyypz-9jEFMqF3uZ6J_JWHMUHLaZnMMV6K-Pg-RaA47acDC775N9u660gX4lqHiWaDpjUpd05vqoQqr5omGlyhzI2RRqHSDOCZRN5tCqy0Thz69qMYsx9zNdMJqbfMXwDE12gxcYLO836E8_5lFZherJCVGFUlbAAicZfzwdQlmdViwJfLb6WjYlAXQkoz-mcASQ4dsei2B9BduQkJtypPpCl1iKD3QFQIl1odj2QpoyuVgIs5OsgIgG3aHBr5KFtAkl7x-WNApsUis6d3Sr4DnsUZ0s-A9iv28Zl8oOQONXysdPoUlqAdw0hdyqoWN7PjlOQATEvO_0fom_OIIXihkRRAI7iRouZlDWHG2500Xi6vOktkBbtOaMyzOncA_-utX0v8tIUpujkxmHuHtYMmWrytd-i3WR-TpYBon5LXTT7lh-8Vc2FsmgCzj_UhyjMpOyFkCPr8dls0lUBVjLKnppsleTTHd1zvy8B81VgiVg_ZnFFuZuMjkxGuBtAcFWx-dX383crkSXzEtUhSqCrFVg803wpNzw0tp0Sk_ofZX0PB67WGljTuHE2_LthXubewRiKeVdKkZ_aHLcL2d2VEgItS_jIFIyqWCIuTMZox-ScQwFwR8mxf_eBtOBv0a6WtK6J6gHw910epoUwJU6-mafwtDBfVV1aX0Kb1NIjq3Tlgi0hLWtOW5xIqqH2_BhVICv5QChnJa7es68g2fi7ss-CglXVMfndMB8MIUaI41nakWO6E8AFI2WzDlXNzBKsNpSEx0B7xIdz1tS1E7A0CklnTQQqpzasrZLrrJL4mT1_DXjM7OqSvL_XWl21skK4DF5yp4gaEI0cIptty7FoVJwEx5uLkb8l-d6unVAT1kzS2mKKYCat5mW_lsFtgLpEI2Ac7lo91j9SeC_-URBRAK9o5MqVqgxqpi8WmndkS0DpRoM4Tp79DaXb98bE-zRmvhy1Q6YRu0DQRwOuf1yiIl3xa7-yScZdp-ylraqLz7zvihpHjP4Lb2HxsE0kz2_NmD1ZEvPFUg8SZWoY4e5OUnrZARaI3B11hL-EkF8bQGeYnNDAmv7NDwExM0plIz_uJ7GE2wHvhTIckNw77gfJ1cLGEwEsiwYnBlKGzyq0TqiovFldF0Alp36ww3J7opROD6roIORVWCRGQ1Iep_NPxWAVn1L_sEsBRZo2v-GEr4Qs5UPNkired1ZuO0owPcrOW6HcgrmwrMo7b6vs0AwUD7yaBQk0FmlkjqDUwn-21U4vbugkgxTMlyyUmHDPMA_OsBV5WlwI1jFRp2t7IwM_MFp7Guavg63YbljVcdDXqxw49OcilcYjekk67loNQW0B7Y_PCrfW9HyI83Vq24p8cdPdb8PiUBog57_hik8g4YlvS4H0XQnFtfn0hkevibP_b7nS5rD9CmBCobRNeBm3N4LcQGQ8HnPrXunu4LJs3lHM9-xkx-yjV99WXUnDLeH2O5rP3tXW8UOaZ9Wfs0EKSG6whxvpuUr5VkNq8sQlzgDPGOSL0MyPDiie2pdWk1NeB7IIhCUoeL-RxyGsQxbAa0prHQp4yuw1i3HKfqKTJBB06au01XtMgOAY74hYOIabgS5csTT19Ylr9Uv0hw2prXT-uu2gvx2S4p_pn2VMOhmOxCmwYjAMkMKuTjxf_KKhzde0zWfstA0Bt8cdkqt8BJns_TRngpEXrEed8y0S4e9NIjdxCfFgYNk4N8EAGCwjsH-Td9NUZVv4E11OrOiuqGYB5x5JE1bdoxvbQrYE3AEieE7vHhwUxPADHEczwwFOqBVDQ5c8wnJ8TPRXkklx0g_zUdRpFZm7OVFu501uF11utkzxvVabcFA9ywVhWeNdz-gRLoa_lpbHNqdkHI2H6TWmnx4qNYIoAHDyZGmchv6xZ0RJLcQIaCUa1KBYQerP-5Nrc74HikfAkFFJynOWSzOCOsSwuxT5AWsu9oKGn_Vwn5Dt79Io2Xe4Pk9ihh4q9skpI77SO0DeMjULActHkbS6W2ZObiYWh2aEVX9hJa856yFRcQdlWtKOU-lJtSYl1hjjATKvcD4lRospyOuuXRrDXhH8aM1oT2_TBzg7Pt5uiOzt-d1mWVVRhNiFSWy_vntZ0X1p5fuHUATD_gAiThX0TSgxUnoMf2m4aiqYpkm3DxyPieF0NfIMRe3_8x8HMVBy9-PU9SrEKnoBxNi6bEnaDdtu3LsrOiKhHuU6pizqvpXyZ2y4MDEbdCxMLc5JDd9xI1kYsfTzJcgxfzvyxXVYHIsSmzKaNWrqalHyZz7v-T79dsJKOKEFtQP7tsL6yfb-AXi9iG9XKvrFV4z7f5mhSTeCDEq-q_cJ4vvgkxaI_xc3d0xb55HrQgIYBPI57AyPScGaeRxAYeVT12rUelCd6zZJ2YeOSju0MpwllH-N9Arohk34KSvstcmaZz5dssibXcXrM53aRXdlhH46B7APaKqnFcFI8agEyiS8c1C3HvGtIRhoxB3hyhM_cXcPZsj9k5kKu3A6M_0ohyjGEhLM7W3hNgJ1Yh4vJR61VZeyMVNDEan9LG8fSq9XY90kf_9YSBg4grcikYFJtrgm-kAiTw85O1S6WqopcI-NDBwt-O8UQTV1xZmd-nqf2yZTH0R9cpGh1GNdP6h-bgX7siq8Z1uy6gYXd42mnle5uSmYOaOzDXdRgV8oY_UFBqlsgY3RHbXca7z6AblrXoGR1c3CFTzrWYG0vgaVZf7Vxu1fT7CAE2D6NVZa16PKOzUv-3VpeDhSM6SgBpueJbb_Vr7nxC5IA1Fi8KOJJcLIdSJLpK1i4N4TcHkP4TTyY3War2xR03sS9O48-BgOfl2sE3io6DqDuhHymlap1t-uS1sr8nCYpH0uqdlXcTz05HS09LRw5rjtkigN9HQKaCFjLee37jPAORVBAOznpeefSW0Fcji1JAxUOJDdRhjitRxKv7GVRauE2k2REo0UNuzeRLxXGz5RUnSGbqsK6zJMBIKPllyskwlCn6XlBHtNzNAURtbKTkdPNldx5rTAGrz&cid=CAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.tndeer.com&ds=l&xdt=1&iif=1&cor=708884208565407200&adk=109667760&idt=75&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTA5OTEwMzg4NDI5MgogIHNlcnZlcl9pcDogMTI2MDY4Mzk3CiAgcHJvY2Vzc19pZDogMzQ5MDU2NDU0Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 9362 0
939 B 87ms
52ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTA5OTEwMzg4NDI5MgogIHNlcnZlcl9pcDogMTI2MDY4Mzk3CiAgcHJvY2Vzc19pZDogMzQ5MDU2NDU0Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA0OTIzMzkwMDIwNTEzOTgzMDY3CmRlYnVnX2tleTogNzk2OTEzOTIyOTQ2NzgzNzY0NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjciCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA4NjM4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xad964c27750e5af00000000000000000","13":"0x5b4f4b2e9b54cbca0000000000000000","14":"0x5bb5f990ba5c9ac80000000000000000","15":"0x952b8285a5397e380000000000000000"},"debug_key":"7969139229467837644","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"4923390020513983067"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 798E 33 KB
33 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 541346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 9362 11 KB
4 KB 43ms
12ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1701099103229837&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 4da97356ee186defd95202d9390acfa41dc7e04b278f5f38c2256a0eb2997d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:44 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4134
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 6D82 82 KB
31 KB 17ms
16ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mROuT4Y3qWOttnYZbApyL8RqJSjMi7nsk6uVIUzo47rCc_MyQjmDsQ==

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 798E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLqZXX7ZkZfGOIrqipt8PxI6R6Amrm7m8dM_z4viiEmQQASCDxPYBYJUCoAHd8KrAKsgBAagDAcgDywSqBMkBT9CvkoEPTWK0cpf3vndbAoXE0AWanSq3CVsUEf8SuFxkAJI6qSn6qZrf5rD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221226252634128735107%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%...

0
0

77ms
48ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221226252634128735107%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216995280408482034033%22}&andc=true

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1226252634128735107","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"16995280408482034033"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:45 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1226252634128735107","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"16995280408482034033"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C33A 0
0 79ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO373XqDPWMwYbUxAfC4FzowRQbDEuH13Jq6wBomxyWGW22m9Nh7MLi3F8UsKzLW_c63kmBcvG_lyukn54LAzhb4SylMtMCIWeuf0OzmcRU-jy9Ee6xp7h_vJXCxWoAWQXcNTLohaoaV1DN_cckAqJSm4ep0-IFdg6kP-jAIm9Wm5IhJal-diPbpzaPnjlVNo9Rsz0JFzb9F_heku9MW1yhMLT9yh_5--VFhqvrBXzvKUtQneQNTkWYU9jMy7mNqkcrcB5j-USYQJxU3Ct8N7Vf6WzlW80WunrFKb95poS2oXzItbr9Ln4ae6uyOlJooxa5U4JGUxYqKLUDgC6e92bd3Pm0jrIhoOL7wScVNo&sai=AMfl-YS-66ARusjtx_RLfPTTqD-K228BOuykKhc3hzlozKphGP19mO4xjLR56kCOVUSMGEF9i7CPSmX8oSRSLy-a-u_cs6uKbjN7_eZpgY71wQvY3V82ffDEEcdhT5xx0180VUh-kCAGlO2MbTtZTXucj8fG&sig=Cg0ArKJSzI6uRZlUhXsXEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C33A 16 KB
12 KB 75ms
75ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

734ffd9136c836e8b46b732c94fd914691d8b52b4bb6095dbbec66d5b5151d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12531
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 440F 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSQfojzshDStn_IbVQh7bHntXghNWJv8PNEvAa3Ipyws4TkTMGjUelK3ef9LrzB8u2Lv1ChFyBSny7peQLoQjBvR-Op5gqDa5pg2aLQgOxUY7nAqV91JT3cZpiWdXSBKGS4saNVTDUtOCyC1jAr7XEHRw5cWcXG-0_VWDZXow1FSwXULl2Hrrizcfyqw8qSw9XjzRGyuSMweitjtIPkj86hq9x-Wk15CzLNkun62q1ygsZl09zYQKy_0lxfSFFWGtGcrFHjjj5OByFeikZN_HVrsWkqjBRp-ULXlJjSVqE-DjsK7INLnW2Y2YA4_0CKEFurkold9lgCQINKVdSVwPLHAQ3DbbhjoyezW8ncgUpBaxyRg&sai=AMfl-YTxDmlup_YeKax-vuIjGmOcUCfS-uXBObTnbUCMgZzNqQq3j8GFjGiPW4cp_pS7YIYwRmBWKc7X3cJ2PmEZl-XrtGVoVR3CXnldkcH0GAHR1mP32iNZZbFudA18ZW3BLKVfvg0bqg62Q5DwUqg0R1k&sig=Cg0ArKJSzJthtAanK1vYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame AA2A 38 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 14:02:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DDD 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIIf6pewFBBo5ckZ7ZWI3Sud7Fs3L9F_xVgAi4lvIgLitcWVVGQs5UMnhwdh6Jo7EK8W0OeqeUsahm49re3fOr7OVmkxQn9Xwg1PO5LqI9M2CWXY4A1bMNseIlGN9Q2vUxrDeYV9aO3m9Zt__RUoLUuNPTWydAAXIqwgs4TVbIOB_wADKOBsZ3TFdE3__xusISnlIlNCD9Mj78RN-ig8zURVmmsRb8Bw2clJ29tEl8zZy1oY3RIdp5eFJ9jPbrTN3S7atgUe03MV49aWTiisUhE_J8O3gRDNS-3Uccyg0lz0AUdPW_VV8IbmIrNcKVQ7cT9UNIoewx2yFWwLRKC3NPHDr8vKAEOxw4m9e9cnQ&sai=AMfl-YQwy1P8clStu1Lz2M-nqUk_VYYSgZW8rFNpnM5pnPzAwQVbszFzgC-skk57ZK8BUVACKWJwAE9XcFxoWJ5MiChNFZrCeb5Q2-W0vYIk8wpqIvlCSWoh4oyf0VjPduRz4wnYIunuYr3zPGD-mwT08CcD&sig=Cg0ArKJSzP4yPdsL_BJ6EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D960 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 170013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 440F 400 KB
135 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80642168462919335f16eb4eec6e93ab305b253d096866526c83f096df93dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138529
x-xss-protection: 0
server: cafe
etag: 9934041363129985263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
DATA 200
OK truncated
/ Frame 440F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc510655449201bfd09042134fdf6d87f880f124d04725e5ad3613b49fcb873

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

request.php Show response
hal90006.redintelligence.net/ Frame 9362
Redirect Chain

https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

230ms
206ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D&documentReferer=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.tndeer.com&random=4029522595363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: HTTP/1.1
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 57065bc463b29fc004883b9b30534e54345cf431c8a448ea637d0432f1d26af6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 15:31:45 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 84175400131307104444550012521006
Connection: close
Content-Length: 1117
Expires: Mon, 27 Nov 2023 15:31:45 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 15:31:45 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D&documentReferer=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.tndeer.com&random=4029522595363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 27 Nov 2023 15:31:45 +0100

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 6D82 196 KB
55 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 213164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6D82 15 KB
5 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 323024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6D82 95 KB
28 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 222254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6D82 5 KB
2 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 235638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6D82 40 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 318132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 295 B
319 B 15ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64506
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
H3 200 5082739385992939548
tpc.googlesyndication.com/simgad/ Frame 6D82 66 KB
66 KB 23ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5082739385992939548?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnGjen4FDmw_xE36ecHVhSFV_cy4A

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45141524eff33a3e4e7b9ecea87c24c12f3c1f485b30b655dcdc16a587bb6f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:19:06 GMT
x-content-type-options: nosniff
age: 198758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67884
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 12:56:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 08:19:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 80028
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Nov 2023 17:17:56 GMT

GET
DATA 200
OK truncated
/ Frame 6D82 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c94acfef433b1567e01633449e962bbf707c7fa746a4d1597bcafcceffe4cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 72B0 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBfHxGykVYD16MBP1RAPRyfwdG8eg8U1nEI8VkmCVHIzJsxIagHEj2WYhZjgOv8yqvbBC7Ipgu0gDkZ2bTeZyEaSCDi2xNyyoU04nVYbdcrhKM0YJMAu-MyhSvWa8k3xsQ2rks7C2ueFJDj-4OLQ8_yPCzdXMSWWfj9eAbWdMG-gj6Ex-cYKqpoBUG-ikfKIH6khEKZLutFjvxIqO1lwL9D8kQoL2scgATdE3kCoXBi97dK15fcmYKEwHRmxdWReXIcIaGZLy7AmsJ1g6FLnvXInpku_MHmGF3TLpNts4iQFewEUzoDdwaDFEuWhmpBzrUNNzd0-k562f6aKObJvgadG2sGNw99a5B1dLkAKU&sai=AMfl-YQrrgM5AM5gLnQNKnYLrkcoVE89uLvQdIOTRtooWtGEjetZcdiJ9B1Jy06eqkmN1OsXgR6gbDQLDFefrhYEr9juMr8sBJH5RzNL0VgKAeKC9E4kontG7heNPozKXCpcsIJuMiLOIBRG8EtXS-9HdiE&sig=Cg0ArKJSzF0Vq0HeMOwVEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 094E 0
16 B 262ms
253ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=3279755404&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=3&bdt=253&idt=321&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&nras=1&correlator=2328295226496&frm=24&ife=3&pv=2&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9e5ydbteyjzc&fsb=1&dtd=412

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5DDD 16 KB
12 KB 65ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c73fc288062800976f6c9ca11797a000eb3f7d852125d39aae551ec714c4da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12244
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 732ms
48ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 15:31:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C33A 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84BC 0
16 B 275ms
267ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417941&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=4&bdt=265&idt=234&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&nras=1&correlator=1786289064866&frm=24&ife=3&pv=2&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9cj3akkzfk36&fsb=1&dtd=332

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 72B0 16 KB
12 KB 65ms
65ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1990540382224794&plah=1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com&bust=31079757

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0348df232619aeecfe90d1be46cbb394c767bce31b0628a278d5e11038119497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D75B 103 KB
39 KB 645ms
638ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

859994375fdfe2ba9d797ba777968e70b970a5c7106c0c048c9d71333c1dc9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72CF 104 KB
39 KB 647ms
640ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101fa90a4a7a7ceb319c062872e88d251c8090de2c8de1f66ee133d1c9c1654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39810
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 70CB 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYyG_xtVUMDT9BH9QmoV_pTCpcn5G901-CUlboH4uXbQ4CQSyRKRv5yCODVaepd_ETsQOzU-Ub7bphqIhdpey1sDkjLtF7kUAvkMQtD73Isn67MMxvHN-m_0C8v1LwLdlFpSqZaHLrCZC9pXYWuoHm8MNrO7mRiaFVo7E_avBCC-NPYXFhTRBGFxxNgxRTT3ehlCkNLHNEuvq1VO0OYMFFxSnizZZvBkPTwcw71vNVyiE6i-y4NQO6alrKIdg3hL4WaE3MJlXl9cmDv4ptylQtSe91aVu3XctOQtkrJNoLm8O6n2JrHxWPZ-chYyinePKn29DZlk_NNFq-QtdTNmBiFHf5tUToN7Fo4PuTgsGr61ZKQMcmIAWCgc4NArWHPwDie6Vlm_Z_vTxZxjomoKl4pNfE3kplft9U2-o5ClCmTW2-vNqMx3G4eVMjZlD3HZQj6osBLaAiXntLCgy7kXS_Tro364T_Ule-o70lNC9gg8i5I7LIEHG1RoLTWyCLpnmN07DgWKpUQUrFsRsdjuv235_4SPw8R5Q6Hw0HlLswlv5ja0iwN5ZXsN4niUkt12_IMkiOAzFZjuU9IETHrZY_qQjSNZRL-kej7XuMZYa7B4tRCOVIuTm5PrBpD4HXBtUGFGVC0UMCyO55CkVvUCXvgdNxxjlCKr1KOYnxo3aagoSZbSiDWtPqB5ACdRYvS3Mg1uP01HO40-k4ADpcy21Y2QMDdw8hlx8EQLdYhNnkSxTCeRyOeA3ymBqRjrDmIy-yccG95DVodfnG0zwL2NTVOSyjov8NPm3mLm1P55keDYXA4oQz_8Y6BQJtQwU20xmOQB6fzesqWAmtMy5u2xV9EGQBUcKmuLGXoYeGww4uL6U5sIR3NMWnbdrlj3IzoEJA5qPTZJoCjHsWlcj6LLG5O5jB09Q_bSttY_vkQ_iE0RTowcJJVYw3nyZ7h6-thTa3ovWS-c-Yu5vFCpaVd1kXmeB3ghs6CjiSf3FDcKxZQRbFjGtZZxYWabaQUnBvm_Hyezdlui53N9yWYkyX10Un7weIXWSpE5yX2-01piS64VnwEEOF6YReNZ9ENvuAm-qBSMdBR0vchL0V-R0FfpPXJEF5ZsjtI8ddRXfqrzeoZE8Z43_baXFuA2gpoYOvR51mZqRT&sai=AMfl-YRiiIQWHgYkMUG37s7tQXy_nHDjvF7HUJ4gi-hp2m382UBh2gh9xyTsbC4hK-ZwZV81o5OJdRwHfWBpm4bc7QLRP9xTZy7HIuwwaIRGMQVxwxkGXjMih4DpCw6DdkOHlY40TH1x_5Mk4ia9ecrdYPTOuO5JoJoDT6BP5w&sig=Cg0ArKJSzJ6YHY47jzWIEAE&cid=CAQSTgDICaaNXAIAX77uS4xnwWQVt8_W9rhksK9V9zgnz54vE_puJvMQ9qVlSjpG6yC3pzhfvetOxYmxQfwJhXmQWl8C15ocDBAESoBhE6YwuRgB&id=ampim&o=862,6&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=315&tls=1317&g=100&h=100&tt=1317&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame DC2D 82 KB
31 KB 15ms
15ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZNiM8gIwc6OXEtUDgVqt99OD1_vuPn6oiCIaOPcYO9bMRxSqxWIcwQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 440F 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0CL7HELa0TwasyubrdyYQmwKJhCUh_5vz8tsl3mEVrcZgFqV6LZk2C8telgDQIa15_8IRQgRQ_CFwCcWKKj11qSmxvZsi4dbeCDg0q3_4wFzW2HWwXgRKet0R3TIfwIDQmt6MVRiGPqCGzfDggfjlzhpL99wHswvQx8dN0X0B97G5zz1IHHz86dWNfVeAMR3FEHGoKpZE4ukXbIPG0PZP9JZwHS7IK_bZDh8Hpz7Z-1GWM9Ds9be4SOAAmyjnr3YVZmHlPqy1X-NomXsKji22ugoXGmilRZMJ1uiStmEKceFAOjWU-PleAB-rfW1H_y26KeAeRyOA80K5wKneT2lkKhQnhxgtND9NOADfzuh7vJLP8jZ9&sai=AMfl-YRyG7NyNRfWfe4CiNMfuWMe2VLBB8KVuQOUok5q5181esmHFELCIaX2v8xqzHbOyULYP2mNr3rFF45YHBLTnFZQFT8mAkN6P14Pfgu0jeQGhlRJzPfAjSo9_GLYcoNMaKZpdvk5vWWBjVKq_cNugpc&sig=Cg0ArKJSzGveM0xwiLcKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:44 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEF1 0
16 B 276ms
270ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&adk=1812271804&adf=2751417943&plat=1%3A520%2C2%3A520%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=3&bdt=285&idt=252&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5496080803802&frm=24&ife=3&pv=2&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&fsapi=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.i8t8z7ctcg3z&fsb=1&dtd=265

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 440F 16 KB
12 KB 96ms
96ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fd29e749d28208486ea5c0e69edff60bc888ca4756700f94696d8f014409b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4DC 116 KB
41 KB 546ms
541ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=50&slotname=9069610239&adk=3566346098&adf=776186319&pi=t.ma~as.9069610239&w=320&fwrn=16&format=320x50&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=1&bdt=285&idt=256&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5496080803802&frm=24&ife=3&pv=1&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.rz9bj4j1mr4z&fsb=1&dtd=274

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511b5ad11c6729baf45b395c053ebbdd80505f34594034e93ad51509fffdbe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 41804
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b-e09f10f-160b0403.js Show response
tagan.adlightning.com/advally-dildymedia/ Frame 6EFD 82 KB
31 KB 15ms
15ms Script
application/javascript 54.230.206.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-114.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:12:12 GMT
content-encoding: gzip
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
x-amz-version-id: bwrbLYkz_RzQr.ZO3AysOhXoD6ST9aXt
x-amz-cf-pop: HAM50-C3
age: 1019974
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31086
x-amz-meta-git_commit: e09f10f
last-modified: Tue, 30 May 2023 13:53:50 GMT
server: AmazonS3
etag: "ddfea6f922859a78124ca70828009df1"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wl50filiiPRzM2bKkV9Z5QTbk1vma2GAmarM-09xWQ7ugBnLTEM9gw==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5DDD 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 72B0 17 KB
6 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 440F 17 KB
6 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D960 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8433 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5813 829 B
561 B 23ms
23ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

03137002ec7e03a0f9a4c4e9e53c690ca2599f0a8181fe829e4da581ec872151

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gbx5KK_dvvWMLVIGXwzUwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Gbx5KK_dvvWMLVIGXwzUwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Mon, 27 Nov 2023 15:31:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame DC2D 196 KB
55 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 213165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC2D 15 KB
5 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 323025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC2D 95 KB
28 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 222255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC2D 5 KB
2 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 235639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame DC2D 40 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 318133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC2D 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 80029
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Nov 2023 17:17:56 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DC2D 295 B
330 B 15ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64507
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
H3 200 1644222377019430292
tpc.googlesyndication.com/daca_images/simgad/ Frame DC2D 58 KB
59 KB 16ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1644222377019430292

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e10ea4452e141196072777fb6998faa4ed260b2343454753f335bd09a79ef8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:24:42 GMT
x-content-type-options: nosniff
age: 202023
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59886
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 04:45:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 07:24:42 GMT

GET
DATA 200
OK truncated
/ Frame DC2D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe6d1a6fa6e449729b0a5207328be1e02d7419e6662b9f87a68c6433fdc80962

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 6EFD 196 KB
55 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 04:19:00 GMT
age: 213165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 04:19:00 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFD 15 KB
5 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 21:48:00 GMT
age: 323025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 21:48:00 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFD 95 KB
28 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 25 Nov 2023 01:47:30 GMT
age: 222255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 24 Nov 2024 01:47:30 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFD 5 KB
2 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 22:04:26 GMT
age: 235639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 23 Nov 2024 22:04:26 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6EFD 40 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 23:09:32 GMT
age: 318133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Nov 2024 23:09:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6EFD 14 KB
1 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 14:29:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6EFD 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:14:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40664
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:14:01 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6EFD 295 B
330 B 17ms
16ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64507
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
DATA 200
OK truncated
/ Frame 6EFD 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6EFD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89c72a5deff252d0a3f5d06dfb415a434475646662133ac457b45260e378984a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6D82
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D10C 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0221 829 B
559 B 24ms
24ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c892d3ab7b8c4bfd83340e7c41a6862db12b0162b7204f1c241cc776298e5f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uqv-CJpZmZeO2szuHvuCGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uqv-CJpZmZeO2szuHvuCGA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Mon, 27 Nov 2023 15:31:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5082739385992939548
tpc.googlesyndication.com/simgad/ Frame 6D82 66 KB
66 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5082739385992939548?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnGjen4FDmw_xE36ecHVhSFV_cy4A

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45141524eff33a3e4e7b9ecea87c24c12f3c1f485b30b655dcdc16a587bb6f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:19:06 GMT
x-content-type-options: nosniff
age: 198759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67884
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 12:56:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 08:19:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 2 KB
2 KB 19ms
19ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 80029
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 27 Nov 2023 17:17:56 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6D82 295 B
330 B 20ms
20ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64507
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6EFD 33 KB
33 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tndeer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 541347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5813 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1089709378602837&rc=
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DC2D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

43ms
43ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76C0 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A34C 829 B
558 B 23ms
23ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ea6f940235ca77ac74063cefb01fcd7a33dd49dad51011bb802014365351c64

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mutuR4EMCwo0RHcYySsALg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mutuR4EMCwo0RHcYySsALg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Mon, 27 Nov 2023 15:31:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F59E 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D2DC 829 B
561 B 23ms
23ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/b-e09f10f-160b0403.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e46b0b71976e3afde4370a2ad7492ac68bf5bc0ccd8a4c6594a86a8fc739a965

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PBMqZqyrpZJFMm_kUAG_5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PBMqZqyrpZJFMm_kUAG_5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Mon, 27 Nov 2023 15:31:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6EFD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

36ms
35ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8433 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6EFD 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:14:01 GMT
x-content-type-options: nosniff
server: cafe
age: 40664
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:14:01 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6EFD 295 B
330 B 16ms
15ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 64507
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 27 Nov 2023 21:36:38 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6D82 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Co4-aX7ZkZZzAO7qP9u8PgqS_4AqsuYihdJ-IpJnUEu3dzImEFRABIIekzo8BYJUCoAGG19e9A8gBAqkCT7jXO0Rhsj7gAgCoAwHIAwiqBP8BT9Brc13sHYFzyQ2UIkevQHDTwYxbzXsW3xcXwpVdsmcp1WuUIwpY0AQeK5AzI01bidkxsbcAh1m3SUJ0MFwZjeiB5oMQYAws1zTI1SVasZhSJFU4iDO2fqRUp-weEX50XgkUl7WwrRs1Bj271W8IoFx6UyvZKAKbWOR7mrq7QkHJJY4VsWxsIv3Q0AcR83_gD0cVpW1yPnxYZjN1txUBxkszqvm2h2CrHTtddDkbEwFoYd6IiCoAOkz60zXXz5YTVVlnMZIitvr_sEJ80WFkf2W6sA9TBcGg7Vj-i4UdTMxUHpk7Hn47u1jkXyBJegNrcPS8PX6doVIA_wtjqvr3wASFp_mewgTgBAGIBZXaia9NkgUECAQYAZIFBAgFGASgBgKAB-KoqEKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCR3wTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgk8aHR0cHM6Ly93d3cubGlsaWVudGhhbC5iZXJsaW4vejAxLTEwNC1iMDIzZWI_dm91Y2hlcj1zcGVjaWFsgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCLvM1P2_5IIDFbqH_QcdAtIPrNgTDdAVAYAXAbIXHgocCAASFHB1Yi0xOTkwNTQwMzgyMjI0Nzk0GITtBQ&sigh=dYSAXDENnfY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNh7sZh7jYuTM-yzYhf5gtSgm_FweyYZHDrunsx-vz9oLojiBnSoPbeOabGnalcXtjWdD6-0Ur-KYVf3SiDZyjmBlkJ0StPioB46EYAQ&cbvp=2
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0221 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=331297425063903&rc=
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A34C 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3453070837078636&rc=
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D2DC 0
0 47ms
47ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1325193152008963&rc=
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2

200

activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011 Show response
5994599.fls.doubleclick.net/ Frame C668
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011?

391 B
326 B

57ms
56ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011?

Requested by

Host: www.tndeer.com
URL: https://www.tndeer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

3ce4cdd30de127e9149802f89d52fd50c212576cc5ccb086e75184cd9360deab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Mon, 27 Nov 2023 15:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90006.redintelligence.net/ Frame BFFA 7 KB
2 KB 35ms
12ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5ce34e062e&subid=&uid=6dbd27e2a4656eb5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxb3uX7ZkZc2DDp70s8IPs5-hoAOm5b2gaYWVnKfJD_AuEAEgg8T2AWCVAsgBCakCEw_QOdxbsj6oAwHIA5sEqgTmAU_QXJuT4cxkZc1H5BNcbAba_7EgiHvsI68zA9BXMadODeLqoHCGswIgCsNgrgZMkMUaK3xtdQ9d_CfqNH4aqnSb9xBH14VwZcadEag9wKYP3HvIeH27Bu9TemohHV_cJ7Ejkcuu5d1jMX7NOLGPmsdzmmLDQFzkKLuWGPYcWlvOvKAzAuLDqgzeKqtPTWV6gm_3S7hDHNXmQ5wf1EHJVt3nUUsi9q4Sw7KZXaA1NNkwOWomWM1HOOQGSH4yu5830vds6o_ANKHUOH8PjWnoB4R_gc82lUS7GJcGcwZwtzf-pBw13bdXwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNjGE_qUHoZ4iHkPUMmozGaDCaB6I4ietBLE6QgeX2P-m51zmACoRVTWgZO8M9ZkvIjRbN8HcVvBgB%26sig%3DAOD64_3UaWS6yiSD0O5CTZ5dMt7wTUn3zQ%26client%3Dca-pub-1990540382224794%26dbm_c%3DAKAmf-AGKSFkcHcKFiHVgu0rJAVfaZpYcfNPvb9WTHOuJ0FklYspLjsKnDTEOMxN5zH1EmSWyLgYNWMw6MaDDgKOJkk_T_21oKzQrq7BEksa98CUq8XUoo7Mg_B02IL4TaW4UTHp8yq-GdZ9C-mgveGu8uBjglYp3tlAd3ve77Jq9_uhamUuC6Q%26cry%3D1%26dbm_d%3DAKAmf-B_q7rHgJ35G1p_HAs7QgfjQNMw_VpDunkI2tIX8jHwUHL3p5L0IPXuFFOUWxSQ-Sm8lBEVmQjdNoYOzO-NccqCToPOx0VhvvBGPR_zRxTpI5cIACwZDGWcuZQDT7kGRb70YeuUhteAsp6WMsbT7_ob6DjIXGK3FzvuJfPLfZAP1JCqZQLA3nneut89-FpwaFZ-XwWUAUOpa58qV-PhALyx44coB_zavoIkp10tK89bKBTkYJ49dy3C4d5RF5Q0fCzQnHTGmMguFeBDMgiem_oTEi6PO7ocaHdyvWlV9wM2xxNIdJbfxky8lV-aQDFdDrbB8urqr69JjXWTat4yr5NqzvmdsTCUu51EEASs7CsoqH77-i-9xPgCJR_Tz3FxWMW0JIlv13SG_PVL5SORJEFHRgXutCWW8p99SQjIHO0xlOO6CwyASUQdIEkZ7zqcTrH1WJMFXy_xL1aqaAdEAQG7B-KP1QkG3CAIU8dHOpN8gyh7XXcf9rmISkhYCt4RK28iqMnmf35Jb7aT0HkeffOMBIfGzF5V8M7ZC8gZmu8ty77EN6I%26adurl%3D&documentReferer=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2F&ancestorOrigins=https%3A%2F%2F1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.tndeer.com&random=4029522595363&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 18d832fd72d745c5012a876befccc5fbe359b001e5a40203aea625a17fe79573

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2088
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Nov 2023 15:31:45 GMT
Expires: Mon, 27 Nov 2023 15:31:45 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 9362 60 B
60 B 90ms
21ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?tc=ce02f64282534558b88ece024409f414

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 27 Nov 2023 03:31:45 GMT
X-ET-Code: 11
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1199
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impression.php
t23.intelliad.de/ Frame 9362 43 B
557 B 261ms
17ms Image
image/gif 52.29.112.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1701099105&co=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.112.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-112-162.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9362 43 B
705 B 191ms
148ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3458780&v=55355&q=466255&r=296283&pref1=84175400131307104444550012521006&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 15:31:45 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DC2D 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfBOZYLZkZf3-C8uO7_UPvpOK-AXvwuS0dKmZ46axErWV_MIDEAEgh6TOjwFglQKgAYfOtN0DyAEC4AIAqAMByAMIqgSEAk_QZj2dH6BlpFLiftaA-L0Czn7taF-wDobGyQ3oXtT-C2GGUStxNdahiq5RVeaOkBv033c9XL4s-A7_-gEFRHYceDgtEsSWVVja_smJVVQu2f9nrwTPHykr83hXeuvYxG4SZUxbfB_TlF_FoUNA02uvRWazY2kGvj1UvjDq4vyCc_XhhEQULJVd6C0nVC-K881FUrEYBXLJDLapWQyxYJb_lal_Ys_-rcaURcezkJIyoGxMG_1FdxHa8VRajRxDMQoRM1_1aY8z1yElMAkyP4bgLoOKru9cc6bTbm5MgN64z30qXweJ0_QSgPqHDnJ1fqpfGK9EWNY86SZXMHFVyEboc86QwATGysL_vgTgBAGIBcWC9rJNkgUECAQYAZIFBAgFGASgBgKAB-GxyyKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCG0hTSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgm0AWh0dHBzOi8vc2hlYnVkZ2V0cy5jb20vY2wvZnVubnktYmVhY2gtcGhvdG9zLz91dG1fc291cmNlPWdhJnV0bV9jYW1wYWlnbj1HRE4tU2hlYnVkZ2V0cy1kZXNrLXAxMC1iZWFjaDYtbWIyLTExMTQyM19kaXNwbGF5X2Rpc3BsYXlfZGlzcGxheSZ1dG1fbWVkaXVtPXd3dy50bmRlZXIuY29tJnV0bV90ZXJtPXthZGlkfYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMIyebU_b_kggMVS8e7CB2-iQJf2BMM0BUBmBYBgBcBshceChwIABIUcHViLTE5OTA1NDAzODIyMjQ3OTQYhO0F&sigh=uO3o3drvwwU&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaN8Epm5egQ8vl6YJFhMPdCT8tPQnUzBH1PGx7PCxvsG6RMymy1eeaTP-YjyvcF6UZN5wtSyZwCoxbUQYM9JbEyZJYUlKdhrKJriRgB&cbvp=2
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D10C 39 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D51E 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9362 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 189f4e8854b6ef11dbf4e25cf2b093945fa888725ea37cb448a7a6b5d3f2a4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6EFD 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHqqnYLZkZbq1I5uQ7_UPluOGkAX-z9ykdOuihM7-EdrZHhABIIekzo8BYJUCoAGN4OzhA8gBBuACAKgDAcgDCqoE-AFP0FkaiNS7KjoIFpwrLEF9O163FETfS60L4RyB_uag5RG62O9FuXiXu02jNwamReasV5MwtB1gcSI6d0h6GiIepR3iVg1m8hUXS5oQzyMu3N6XNoROmr4C0Z6JQxH3_-2ShsG1GzhQkGP2MqN-hLL5-Rf8bKgMSZmag7LvKU9T0GBW_9XSLaU5UeswHC8MgZ7CmnN38FbbwfsMAb6RXILdMSV-qpdM7KXJmv9EPNVgCjon5s2SaW2pS1plJFOzTj6Zg3FqB8pH6Bb1Q-xOZSyT31fv4AfHvr8yd1tcCs1_sF-MkVY-QPu33ZCGejAuxMjmK2CO1YwcxsAEu__ArMQE4AQBiAXA7LKvTYAH25-THqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKqpBtIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCRVodHRwczovL3d3dy5kZWNvdC5jb22ACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMIiZ_V_b_kggMVG8i7CB2WsQFS2BMDiBQD0BUBgBcBshceChwIABIUcHViLTE5OTA1NDAzODIyMjQ3OTQYhO0F&sigh=rpS822Ez_mQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNTBexePioRIunZd9ZjYbX9YofPmmJ_V3hwQKLHyQrHgeK8uk32y-gbKg_Z-Zoioof8qR0ASuVTWTJIQ2LM91k5k-mA02TZJmTJhgB&template_id=492&cbvp=2
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 76C0 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame F59E 39 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BFFA 2 KB
434 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 15:25:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFFA 18 KB
18 KB 36ms
13ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/43862/creativesup/DE-Generic-HW-TheReachGroup-Family-TakkoFashion-627x627-KW35.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 7692c4625924e49d23c756b45736128f30384a52f1ffce6f21f56e8f2deb0131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 18195
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFFA 7 KB
7 KB 37ms
13ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_627x627px.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 7c10c7906e64455b53213ff0702e322d5202a2558c3849c3b1248b70563610a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7084
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame BFFA 10 KB
10 KB 129ms
106ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/72523/creativesup/627x627_winter.jpg
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: a755449d5dd847a3a7997f0b14a74f13e3432db00e90e4391c8ca9b722e435d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:45 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10437
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D51E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJOEeKStxdKHFCjLn2xl1cBQ8-Rl2tVasrU_7E5oqWaRMVY&google_hm=wAZaXYSMs...

170 B
188 B

24ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJOEeKStxdKHFCjLn2xl1cBQ8-Rl2tVasrU_7E5oqWaRMVY&google_hm=wAZaXYSMsXSLyo-bwD16dg

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSgtJkBoJV_1GnQhwaB_BGq06CJeunaEPz8dEtup8beMwZL_FGfkJOEeKStxdKHFCjLn2xl1cBQ8-Rl2tVasrU_7E5oqWaRMVY&google_hm=wAZaXYSMsXSLyo-bwD16dg
pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame D51E 43 B
426 B 163ms
162ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSBupxuKiHVTs9xmaP0J_y7ORt2ru8-OJyHRb8n9xGh-cz1cWf7fVWdnpf-b2y0jjc8-Z1RomPSVclhrf5W00GZMeiNxjNaOQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBupxuKiHVTs9xmaP0J_y7ORt2ru8-OJyHRb8n9xGh-cz1cWf7fVWdnpf-b2y0jjc8-Z1RomPSVclhrf5W00GZMeiNxjNaOQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b821dae91ed-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D51E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEP10tjPBySkuyYcaCv_hR1s&google_cver=1&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_hpcLJ0EgS8hC5Pw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_...

170 B
188 B

24ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_hpcLJ0EgS8hC5Pw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7BA0FC1F09DC4F62A97998A84C3B3642&google_push=AXcoOmT2FQFs4q8mvimvUaIJG3tPJA-GBVscWt8IY3_zqtojaE0PH0DK9Eb8xJSVE75KXYWRnPdtgwsWQR3pqa_hpcLJ0EgS8hC5Pw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Nov 2023 15:31:45 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame D51E 0
98 B 62ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQock49oNSRvIAZYO0WbKNN9VsCLPksR37dtwX3uBQWSDngEPQmpHiHp8KwT2ZMOvyI5YJO31bj7U00eGugExAadXcOxftM7dI&google_gid=CAESEOguIzqraEUxwytxLHF7J-0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D51E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKdUTa2-iJ_lSGDYyX8zWDQ&google_cver=1&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKdUTa2-iJ_lSGDYyX8zWDQ&google_cver=1&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDc3MzAzMjM0NDczNTI3OA&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqj...

170 B
188 B

27ms
27ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDc3MzAzMjM0NDczNTI3OA&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG5-u-q62blOI0ZuswuG6Hnw

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3MDc3MzAzMjM0NDczNTI3OA&google_push=AXcoOmRamD1shnMCh3rikpsmXCQm8ruZ1XEUZMU2hjxbMF_zYLtsQEAOs42QJFQt1iYCQ_14WAzPqjjG5-u-q62blOI0ZuswuG6Hnw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D51E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJfTHkobWEAYjTPQOhFKvx0&google_cver=1&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E3OGSy_TUYNgxg6NVPfI

170 B
188 B

24ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E3OGSy_TUYNgxg6NVPfI

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9YGLmUZ_6RWapd3XZfpOZBoQfgyayR97ZXS-oGZXT-UsEd3szVrTajBhYnWwXfZQBBeSZBzq7XY1E3OGSy_TUYNgxg6NVPfI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame D51E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGmcDRVMxU5c...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSGY7G2h5mOc8tRiOF4a_2OMqOElCG-ghrtSF8g2BzC1hb3PYQTfqq9ANwDOodudS5EkhauSNWwNv_hmI2F255QXP0soyzPL_U
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

122ms
121ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4398548113&adk=980766060&adf=3173046726&pi=t.ma~as.4398548113&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099102707&bpp=1&bdt=239&idt=339&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4196359418440&frm=24&ife=3&pv=1&ga_vid=1048599374.1701099103&ga_sid=1701099103&ga_hid=1659134412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44795922%2C44809315%2C31078297%2C31079756%2C44807764%2C44808149%2C44808284%2C44809057&oid=2&pvsid=2074182313561847&tmod=1274969218&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.szjb3w9beyac&fsb=1&dtd=344
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Mon, 27 Nov 2023 15:31:45 GMT
pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D51E 0
12 B 23ms
22ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_q1ueSmatFGW_8FGKT4zz20mjCsGJP-LzykGm2lFzMQAyDqwRcBYi-oBDYzFaDJa_ZBil0Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D960 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGObKX7ZkZcT8Na3NjuwPw5O3gA0AAAAAOAHgBAI&bg=!ZGelZyjNAAZxrfrxUa07ADQBe5WfOLXRe0tfcO5V6iIUwKS3PK2IVLBDhrCDd6gwqlYgTi1Samub7JpCHs55DrcP1fxsAgAAARtSAAAAAWgBB5kDNyKcdX8K8u-2JPtjRZDD7LYIYcwsPO1sRm44TTfPz01j8WUT5vvyxXOZIFNnyFo0xCuBLRGrFGX2iTzQ0n8wQZ2eKpxeG5Kjkbv26fI9NAam4pQDtUIhaQYr7I1Fm0x3zGclWdUHqNYN6XAF5s0vYaxwZEJOkieZWU8nD_9C14Bn3jbH_um8_ifr-jHj-PKHrmEWnizbWzmQvalbqeB1E0PjhUuTOkOb91fwzWo0vsjgEztdC8ihGsJdEeTDVu0nMOSoUQ1o7TlzperNxcAJ3tLPGw6x9VrreF3yYz-LB2mdwoexHZrG5hdwZc2YTuv2go7KDH3A3h79ZSbjqjJD0E8NehYHmMIV67HhtdEu5HK6Pll6xYxyAv7loR5BoDWkT0ONfH8yymU5g-Vsm__o37a6wrCAvUiis7u-6RspBP7PgvNlBF0UAlbUR6aS2n6W-dN3-fU8MHaA5Hk9fs_MSLGGHFpT9CbZGVNzA3qNAmEej1kRxBrno7LKDYMbDyQsI5p8zK0MGd_IXa0XFznZ4EQhDyeKj83tnsIDoVObWQCe_DaiSmarfG1_j90GnxrmJN3ps_JUXQTQcBPmKZE-d_LpUFWaX7JATECRubBBBIUm2CXNzcTE6BCwo1GjBDj2e9GVmVwhmBK2pKwzwkS3jKLv5pE-7tg_5zS5rbU7v637_FC9ovCUzbv3HM2wZkOb2Z9k_sT6kaGeteKt963NcUxgizrp5kkFa5VPd_3bSCRauD1aReBoeslQ3guBGJGkCXvBL4ScBmrc0DST6cJ1oGWuDNMwi6lNh5JIPTreu2mXDYe8s0ITXn1537tN_9KlMAAep_5ClS0hldOh7qv8kppFhXsouJKmALtaUvlfDNdQ4pUIrnug6vcAVmRlxXdufHDEkc_879R5M1xblYZqmLsCVALExkRxu3aK5Qlr7jO1z2beGz-lVL1ZvkiREu1VbZAkfIlS09ey33jCKUOsLCr0mYxCemfZF2gojIriiqPn3DUcSQo56VFKDxdNms77lt40VE_MJxWtdCzm83ThVzRG0P4qq9vwNtfsuFZsFfMchluya40kISgnYsHqDgQqlGKLKj-QXLE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90006.redintelligence.net/ Frame BFFA 0
150 B 35ms
12ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/viewability?s=84175400131307104444550012521006&a=a5e4bcd4&vb=m
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90006.redintelligence.net/request_content.php?s=84175400131307104444550012521006&a=5b5e0a78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 15:31:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8433 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3y5B9w
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011
adservice.google.com/ddm/fls/z/ Frame C668 42 B
401 B 88ms
52ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKPjqf-_5IIDFZxVwgodlCcHPg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5458306586458.011?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B4DC 14 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=50&slotname=9069610239&adk=3566346098&adf=776186319&pi=t.ma~as.9069610239&w=320&fwrn=16&format=320x50&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=1&bdt=285&idt=256&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5496080803802&frm=24&ife=3&pv=1&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.rz9bj4j1mr4z&fsb=1&dtd=274

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 13:55:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B4DC 2 KB
831 B 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B4DC 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B4DC 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 13:27:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B4DC 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4DC 202 KB
64 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame B4DC 37 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D6E 1 KB
643 B 13ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D10C 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wgSYNQ
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 17890956782783267857
tpc.googlesyndication.com/daca_images/simgad/ Frame D75B 20 KB
20 KB 16ms
16ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17890956782783267857

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c87df546521da99c84acb1144da3a398979e91a869a54c28e6732647c6c8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:30:15 GMT
x-content-type-options: nosniff
age: 266490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20076
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:23:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 13:30:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D75B 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D75B 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 13:27:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D75B 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D75B 0
0 22ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaGNo7NGsnjOAnc1FJWxcjyYvd8Uig9M4OWjMZV-OiBqwwxM5j0JC2PO5oWYbuEpdl-X4rXMnSLF2qcIjLps92unKLrg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D75B 202 KB
64 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D75B 36 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:55:10 GMT

GET
H3 200 17890956782783267857
tpc.googlesyndication.com/daca_images/simgad/ Frame 72CF 20 KB
20 KB 15ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17890956782783267857

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c87df546521da99c84acb1144da3a398979e91a869a54c28e6732647c6c8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 13:30:15 GMT
x-content-type-options: nosniff
age: 266490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20076
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 09:23:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 13:30:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 72CF 23 KB
9 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 72CF 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 13:27:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 72CF 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 72CF 0
0 22ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgB5qpHm-OCl0bcTZQG5soIc1Pw-hbF6CYKiSE6uuus5SBrYVtuhNReD8nye-LnlIzk8FmtSMdIV6G5OD0T0jIiyPjuQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 72CF 202 KB
64 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 72CF 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:55:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 76C0 0
12 B 14ms
14ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Imra5A
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 591C 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B4DC 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e9f344a1e9f4ee7d963030a61fb3899d5385f4f7db6b4f95f11d72875a0a494

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2C8D 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DAF 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSmgl8d1rykONzrCCkAi2pZgfGNcVCPfkp-1aiiuq-R3Rfe-7toYcKIo72ckI-q8lCaSGLyqboGNq2tYnA65ld5EaJkAuRqIt1353fLuhrGbjg0C-MxKM8RMOhF_WyVostg3QTstHuaykRJbRZzIwN-mE96BsNcWXMt7BTqNhqYG8TuL1LDEmd1EUBHE16c0E8hXNvagvM91h2wxfygGhX46XuULuXPxLgbDqneU6lL6Hs_SUzWpJia2U0noY2_39aGLrYV_OD70nKe7AHuPOMBSgcoQkgGZ7cuVJYunh1Qx48bWabql80JH-BKaTUBwbJDgd7V7M8Q6nAYUZ5AtbXs4KpXLwW90-Ch2eMQuA&sai=AMfl-YRBtrUlowZ4OdTCBpXHgne5DLCl-r1-ejxRXp2f6D0gqjRuvW5XdiAuCSg35J9dMTwSCZYrQ3iSPSt7Y30eDfbyzwzNN7jadgPEt85rWFmMnsBv9-eyeXs8EyZqVxsSJ3SyHZACfPvXQcnoGvYK8Mo&sig=Cg0ArKJSzN9bHihZvsc_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5DAF 16 KB
12 KB 64ms
64ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6225d3a3a1e538d327b7654cd364041767e3002cab0110b03dd6eadacb13fd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12181
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F59E 0
12 B 15ms
14ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OAasbw
Requested by: Host: www.tndeer.com
URL: https://www.tndeer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D6E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0X...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0XMtzCPg9o1YjQSav9otFSY-KgdmMtCYxsGNnXcP2c2CNHyXxwxnZfhco33X5A6nFsQ...

170 B
188 B

25ms
24ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0XMtzCPg9o1YjQSav9otFSY-KgdmMtCYxsGNnXcP2c2CNHyXxwxnZfhco33X5A6nFsQoIXbEJS2yjtx0j2hL7ukDSHgO0yLblcMBwg&google_hm=wAZaXYSMsXSLyo-bwD16dg

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRj8nOhn5H6QdzBKkuxxcxMttBwQRceyS6XvrsVg3jIIOKkeT2-0XMtzCPg9o1YjQSav9otFSY-KgdmMtCYxsGNnXcP2c2CNHyXxwxnZfhco33X5A6nFsQoIXbEJS2yjtx0j2hL7ukDSHgO0yLblcMBwg&google_hm=wAZaXYSMsXSLyo-bwD16dg
pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 6D6E 43 B
601 B 184ms
183ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmT6nXfyDy2Km9ICwwaw1y92Z1Q_duxs3o1YDS6PhFTbOCn3zAcJdPngsYTfvpcyDtOPeCAeEfKaQKHUQVKvWpxMJCjfm7_LfSKXFmfp3OCasZRnJcglpPjxqXSn-d32DouUszBnxUg1hi8N_LK6g9ZM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT6nXfyDy2Km9ICwwaw1y92Z1Q_duxs3o1YDS6PhFTbOCn3zAcJdPngsYTfvpcyDtOPeCAeEfKaQKHUQVKvWpxMJCjfm7_LfSKXFmfp3OCasZRnJcglpPjxqXSn-d32DouUszBnxUg1hi8N_LK6g9ZM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=50&slotname=9069610239&adk=3566346098&adf=776186319&pi=t.ma~as.9069610239&w=320&fwrn=16&format=320x50&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=1&bdt=285&idt=256&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5496080803802&frm=24&ife=3&pv=1&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.rz9bj4j1mr4z&fsb=1&dtd=274
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b83dd961d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 6D6E 43 B
146 B 32ms
7ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGBHNo67nP_d19F6BNtGR4&google_cver=1&google_push=AXcoOmRsXlWjqPm34vAjh2x3fE25d4jznG1F-iMJlIbHLT6-8MvzLvtOnwtSAwxTQoNUGE5CA3QnzxqFiVW-t81MNDBGK15UjdyjOMg9iB7yZ89YjVeUj_9z41oHF_kGSePwVtEnMp7bW_XZZpN8_dM6ZkcF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=50&slotname=9069610239&adk=3566346098&adf=776186319&pi=t.ma~as.9069610239&w=320&fwrn=16&format=320x50&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104388&bpp=1&bdt=285&idt=256&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=5496080803802&frm=24&ife=3&pv=1&ga_vid=378098407.1701099105&ga_sid=1701099105&ga_hid=1731579506&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=320&ish=50&ifk=344442807&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31078297%2C44807764%2C44808148%2C44808284%2C44809057%2C318512601%2C21065725&oid=2&pvsid=1325193152008963&tmod=719633290&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C50&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.rz9bj4j1mr4z&fsb=1&dtd=274
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6D6E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14nH9al6gJA8b3u9N8LJtyPZsShrRoZ1xbnYwDGT...

170 B
188 B

27ms
27ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14nH9al6gJA8b3u9N8LJtyPZsShrRoZ1xbnYwDGTSwEsgS-0AhRY8QBfek_zUg-jg&google_hm=eS03aWk4WlhKRTJwRUZvTUQ1c2wud2xDdWVfSmZrdFZlMH5B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGFqjuv_4Dgve6sQy0uQBbaceoa_I6s-1FOuJsjywy_-F8HezPI9FzD_W6txY0DkLItis9Gwf3pyQmeSdQI595l14nH9al6gJA8b3u9N8LJtyPZsShrRoZ1xbnYwDGTSwEsgS-0AhRY8QBfek_zUg-jg&google_hm=eS03aWk4WlhKRTJwRUZvTUQ1c2wud2xDdWVfSmZrdFZlMH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6D6E 43 B
363 B 61ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRSGi1fVS_hZbkKdKs4qmHutPuT2mAk1tEGLn-uJV4c7pU9u1vaFiQ9QvM9sEn3nX3VyrsH0BlaOEaPwBZFrkRRA4z5tz8j9G-IARJ6n7kdXOMcuFmYlOTmJMA0T82Pq-pnDNb2bAyx7kFw-Gxg72nsWg&google_gid=CAESEDZDrmLYriaqQ24d-5Nkyqk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 243177
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D6E 0
12 B 22ms
22ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGm9J97nCR28Rxpq_lIobVvrdZSpzV-VNIbZy9gKNihnCacPU3WILo_wc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame D75B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bb726f7d11b0e22a40ae1aa1e7e3c70b77274a439432778cca9b9248889bc80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B4DC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b14e5107dd8ee33c7263894f875c6638ed13cc42590a7d698b86a834acd9935

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 591C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbH...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbHjAbSDmJF7GOP65dOVJkBMtIVukO24OievpOxH6HyKY5A&google_hm=wAZaXYSMsX...

170 B
188 B

25ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbHjAbSDmJF7GOP65dOVJkBMtIVukO24OievpOxH6HyKY5A&google_hm=wAZaXYSMsXSLyo-bwD16dg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTVXS70S6c_IvLCpS1ZCl6sI87qZ3-gqIuS8kvllK9-NDX1pXKbbHjAbSDmJF7GOP65dOVJkBMtIVukO24OievpOxH6HyKY5A&google_hm=wAZaXYSMsXSLyo-bwD16dg
pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 591C 43 B
569 B 178ms
177ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmTgcDjlM5xciB_5JDRNJNIP0xjdVziepR8j723i3dw2E1Hjhg1W-SicysSOahP37u7wED6IvSy8X1mS_YLIzWytQSgW1BUaAxE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgcDjlM5xciB_5JDRNJNIP0xjdVziepR8j723i3dw2E1Hjhg1W-SicysSOahP37u7wED6IvSy8X1mS_YLIzWytQSgW1BUaAxE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b840dd61d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 591C
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFchZRubdSmeRnzF2dldtSQ&google_cver=1&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-OM9Q7GdwSn1gmLpA&google_hm=hmVktmBqCzAm4Z4...

170 B
188 B

26ms
25ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-OM9Q7GdwSn1gmLpA&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSlhQmi303t5z9xHMXyt2xl3DSa5dUtIdyezy0J9dG5PfBPhY9p9M0ZNHXKKlEiT73SQYQovpOx9Klvb-OM9Q7GdwSn1gmLpA&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS
date: Mon, 27 Nov 2023 15:31:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 591C 43 B
145 B 10ms
8ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGBHNo67nP_d19F6BNtGR4&google_cver=1&google_push=AXcoOmQmKHKSVL_CLzwWZQzYhdHgz_GVFypAu4Yt6ilsfDc4lmHqSuDpyGoM2DxRJ-xPCDRtbejDseGqCNLw5ZDbw26hKS3V4MNMeds
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 591C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXF...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXFWVPoVK4U&google_hm=eS0zNUtsT1hKRTJwSE1...

170 B
188 B

29ms
29ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXFWVPoVK4U&google_hm=eS0zNUtsT1hKRTJwSE16dmRYSUpMQTJEQ0cxY2FCNFYxcX5B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR7HZ-ynK1g3F-tyV112WrHYvKDvWrL99IY1ZR5v5M9iEScWPQskjpFmfZWsbrLD0NZt4x5K1_Yh7BaP6WK3vKghXFWVPoVK4U&google_hm=eS0zNUtsT1hKRTJwSE16dmRYSUpMQTJEQ0cxY2FCNFYxcX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 591C 43 B
362 B 28ms
17ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS0NKTzxXYekWP05RHU_x724dKY-evMNH4playE0wccc0-jW2scMYtpkB1GkbFy0KQk0hzWwhltHgGkaBNVsbDdk3YAr3HoShY&google_gid=CAESEDZDrmLYriaqQ24d-5Nkyqk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 235411
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 591C 0
12 B 23ms
23ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTlzstYJ3dAMh3ICWLnFId0H-Uc6KkO6E68PWmHZzggf_GUDLRzpRj70f64bbDpA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D75B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8I5wYbZkZe-6ErCmvcAPgNacsAmLyKStdN2Fw_KAEsCNtwEQASCDxPYBYJUCoAGHzrTdA8gBAqgDAcgDyQSqBMoBT9AXQ_8fvY8ZMP-QB3XfWdF4s8zKpDUvlqe8IXEtvwqFeG1s-WYdecR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228611242264511927686%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22...

0
0

49ms
49ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228611242264511927686%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001203463%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223749767251259984145%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8611242264511927686","debug_reporting":true,"destination":"https://shebudgets.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001203463"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"3749767251259984145"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 15:31:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8611242264511927686","debug_reporting":true,"destination":"https://shebudgets.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001203463"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"3749767251259984145"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C8D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwvRI3TpPQwymd-z6GQqxw&google_cver=1&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7GWPkhdjvq_KKAt_1_PNKh3WvvaQSNn2caLrVAweV_rLdhN&google_hm=wAZaXYSM...

170 B
188 B

23ms
23ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7GWPkhdjvq_KKAt_1_PNKh3WvvaQSNn2caLrVAweV_rLdhN&google_hm=wAZaXYSMsXSLyo-bwD16dg

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRxxXh2nH7pXYL1c0VofX5lsTIPz5X2Snlq4Zc2kuZSbvgYJHhHa7GWPkhdjvq_KKAt_1_PNKh3WvvaQSNn2caLrVAweV_rLdhN&google_hm=wAZaXYSMsXSLyo-bwD16dg
pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 2C8D 43 B
577 B 182ms
181ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEBrD5lSKwLutRCIcPBAsaDk&google_cver=1&google_push=AXcoOmSry7gwKKSLCHmHbmzXfygG-yAmm0Iz2NhxmJDE7MHdSskPksRHcQQfBkZOFKd30HJrWR3IcPZ6c6UZaKn0b1ejihlGtzTNwII&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSry7gwKKSLCHmHbmzXfygG-yAmm0Iz2NhxmJDE7MHdSskPksRHcQQfBkZOFKd30HJrWR3IcPZ6c6UZaKn0b1ejihlGtzTNwII%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cb6b841de31d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C8D
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEFchZRubdSmeRnzF2dldtSQ&google_cver=1&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCR...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCRf4bSPddwgRdH0iRwp5&google_hm=hmVktmBqCzAm4...

170 B
188 B

26ms
26ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCRf4bSPddwgRdH0iRwp5&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSOV7YPmoKtfTXK54pUmBG8AzlUzB-k4JDkpX8KrLYWrps1FAEVuN9ng1mUWtSLEDNz7S1YQAXMyFegCRf4bSPddwgRdH0iRwp5&google_hm=hmVktmBqCzAm4Z4sxw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6564B6606A0B3026E19E2CC7BLIS
date: Mon, 27 Nov 2023 15:31:45 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 2C8D 43 B
145 B 9ms
8ms Image
image/gif 35.157.183.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENGBHNo67nP_d19F6BNtGR4&google_cver=1&google_push=AXcoOmSHew6lOdaXJs5GEci-wRfvZuR_khcPr39j45Ff-Y_NuVg063R7xZdLQaISJOWDube0ScAyjmD6-DHHE8fP28rEceZ6A_1y9Rdp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=6443446896&adk=532531498&adf=776186313&pi=t.ma~as.6443446896&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104129&bpp=1&bdt=265&idt=301&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=1786289064866&frm=24&ife=3&pv=1&ga_vid=48642366.1701099104&ga_sid=1701099104&ga_hid=870202208&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42532605%2C31079437%2C31078301%2C31079757%2C44807764%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3453070837078636&tmod=240050064&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i5st5gniio21&fsb=1&dtd=354
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.183.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-183-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C8D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG4MqSnzZFXvHxKugQMZoX8&google_cver=1&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga--3Yh3CNt&google_hm=eS1wU3pFN0ZwRTJwRV...

170 B
188 B

27ms
27ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga--3Yh3CNt&google_hm=eS1wU3pFN0ZwRTJwRVB2VUdqS0pIZjhKdTZXcGlkaEJvR35B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 15:31:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRF6jF4DeGp7BLOtls9n1gqwOQcbQ3B2fEsERCpr4f_OP-z19zBED32e4kP7TLYrUuQLebtz8CvM1agEW0QfRCY8Ga--3Yh3CNt&google_hm=eS1wU3pFN0ZwRTJwRVB2VUdqS0pIZjhKdTZXcGlkaEJvR35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2C8D 43 B
362 B 22ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQyTHGCPsQ-S3k1DVi5mCejhU5FziO5lxXIVJXqSS-sUjjTx__diuZhukDma2NFd1oRML-2hi09iAuTLA_2AHv0IwlCfmboUOJu&google_gid=CAESEDZDrmLYriaqQ24d-5Nkyqk&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:45 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 216564
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2C8D 0
12 B 21ms
21ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8hThX2W3acGir4zdQTi3PenJ-mo7QLZo6OyC1dQ84HcDHcuSNL132j6aZq1beBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5DAF 17 KB
6 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:45 GMT

GET
DATA 200
OK truncated
/ Frame 72CF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6c70b0479ffad4b72537c76f50f86531a7de1d2cc9103a4f090572e0410bf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B4DC 33 KB
33 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 541347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B4DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZoLqYbZkZZmCD6n0kPIPgMWVqAqrm7m8dM_z4viiEmQQASCDxPYBYJUCoAHd8KrAKsgBAagDAcgDywSqBMkBT9CkrKVHaO8fdvHRO6riuTJOgDd3ocIMPe-covGyG8xLVgv-rGu6LK1i5xa...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222996150981552255176%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%...

0
0

48ms
48ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222996150981552255176%22,%22debug_reporting%22:true,%22destination%22:%22https://pdfixers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211409209437%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210561525227670580545%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2996150981552255176","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"10561525227670580545"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2996150981552255176","debug_reporting":true,"destination":"https://pdfixers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11409209437"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"10561525227670580545"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 72CF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWoYpYbZkZajKEqydvcAP2-C9mAmLyKStdN2Fw_KAEsCNtwEQASCDxPYBYJUCoAGHzrTdA8gBAqgDAcgDyYSAgASqBMoBT9B5tQ3mnX3yY6TJYuSmFWrv5Th21pFowLkvDH0F1nYoA2r4ueu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229735950892394184970%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22...

0
0

48ms
48ms

Fetch
text/css

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229735950892394184970%22,%22debug_reporting%22:true,%22destination%22:%22https://shebudgets.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001203463%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215173731933980703425%22}&andc=true

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9735950892394184970","debug_reporting":true,"destination":"https://shebudgets.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001203463"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"15173731933980703425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 15:31:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9735950892394184970","debug_reporting":true,"destination":"https://shebudgets.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001203463"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"15173731933980703425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 65ms
65ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ace35f59348f03f1ea4da7b5917ea1b6a35c3ced8ef232b36d10a7efe0388df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12363
x-xss-protection: 0

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0323 38 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 14:02:30 GMT

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 78F7 38 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1990540382224794&output=html&h=90&slotname=4350446651&adk=291194909&adf=3173046723&pi=t.ma~as.4350446651&w=728&format=728x90&url=https%3A%2F%2Fwww.tndeer.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701099104028&bpp=1&bdt=253&idt=341&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2328295226496&frm=24&ife=3&pv=1&ga_vid=2082643090.1701099104&ga_sid=1701099104&ga_hid=1820844652&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1270628140&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532600%2C31078301%2C31079654%2C44807751%2C44807764%2C44808149%2C44808285%2C44809053%2C44809072&oid=2&pvsid=331297425063903&tmod=831702984&uas=0&nvt=1&etu=AA-V4qPz2LlEaUfRolb4bhQOzDCTJ-qCXct27nN_heFDg_iFenM21oVFX-ap7n0kIa7aUAFlru55fctE&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.jh9pwkeafsb3&fsb=1&dtd=445

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 14:02:30 GMT

GET
H3 200 unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js Show response
pagead2.googlesyndication.com/bg/ Frame E5C6 38 KB
15 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/unVwOGQH9SsIcJBr4Xp3HcCvUJyc_uBy8Ir4YHk_V1Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 14:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14990
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 14:02:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
48ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 15:31:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F22 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 852C 829 B
559 B 25ms
24ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88e4df2156dd03cf9beb7da7d401b39c7426c9f45ac869bf9ebd1cac6c57df2e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6llS7d-v83Cx5yF1PEt-zA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6llS7d-v83Cx5yF1PEt-zA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:46 GMT
expires: Mon, 27 Nov 2023 15:31:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
52ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 15:31:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 49ms
49ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 15:31:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 15:31:46 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 129ms
128ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=wDHBeByQJEZmkKqwVnJEHCVaZFJDSmhg-FE7fPshldVrrKD4c03zIFUjD-E03BPc1maVvnMQ==&pm_ct=14347892e37237b11cd95a33&pm_pl=1701099102073&pm_td=4061&pid=1000177&en=1.1&callback=__pm_glbl_1S7zRll7gDlE64im3MZELvwk._gc3&tt=opt&v=a6bb4ea
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Mon, 27 Nov 2023 15:31:46 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 852C 0
0 48ms
48ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2074182313561847&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F22 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4CC 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5464
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 14:00:42 GMT
expires: Tue, 26 Nov 2024 14:00:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2019 829 B
557 B 25ms
25ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally-dildymedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ad5e0ebff4f77802ba9adf510db1eccd513a6e259f12f8fa983b9eb770849e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3zYe_E6ww0nbnntsdT0ywA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tndeer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3zYe_E6ww0nbnntsdT0ywA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 15:31:46 GMT
expires: Mon, 27 Nov 2023 15:31:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2019 0
0 46ms
46ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=1392872817795943&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C4CC 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 13:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 13:00:51 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F22 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oy7XhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4CC 0
12 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FHwK1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:31:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C33A 0
0 49ms
49ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1089709378602837&bg=!SkmlSQbNAAZxrfrxUa07ADQBe5WfOORuymTnx63iIRbJXc1uLRKb8K3bxbv8EDPM_deT0xmD-J3C-z32KS--Xq1FDvDSAgAAARdSAAAAAmgBB5kDC-XpTcuEOmCX0dgTPeWjOQcOpNeADdfTy5iksgy25-l2CnVov_6xa58WGyDBU7n5Ka7veFVr8ONi2WxtHZKULIM4ecpFo5Iw-lijf_zFLO44gMNzI7_fGFvFOR9ffkm_MACQSZ_HNJ5qUWh4kFMakofgixIHlWNTQ23yKpLMcRzVGoDmdjiAQQw420sLnVZiPFrb7-wEDYbUYCcaFG6PxUYr5lT1ifCtAAVrf5x7oI6Eha_Z4YgNlTXf3e0DQsz63OYh0oNkuK9CAmtzgWYZnEWXVQUkycSuCewAGtwKiv-FWu9lW3sBgsz_qKGCy6p9GQl8rh3pku8H4gfJ4EtESECT8gVHfaO1xIVzL3AgFj5bcSb0niNTW24ZnMmKWq0Oa4m25QxPkdM0Q-aFtwm5NCErPRRemGrClhYQZvgHw2eTB4krD7Kt_VDUcB6k9CqfMryreJpxXOZMLaR5i5nhEGpRkbD-idH9UvsTL8qAkkP2DBP3las0ZGS56igwlDGgzcIJHJZBmOSXwxgmYx-57zGiv6JIMSJBZ1wudOApHAjqOKDSkjOoWSE5MrlpkVihBAkcCRMqlbYm88wnumy2cQcrGXOvpirQtTduSxu8VmeJ5noLVQfzopcxLt16Y0XGhEGC8mJ5YFOoYvHlHK5jPhPXmUt_mUgSwMgvAT7-3HKxnYgMdrZMMjKWlSErN2h2P34aP1vnC3BmBY8-eODIDhKMRA6gFYLSwo6rBvQHuFCaTPqGXqagRvUvD0xlK7l_FoqwqpRWK7Bm0arPiQ85NJdpCv2z9vBC3gztjd4OU7nXzLtLLrwYIQCo6boMvSmNhmfjqODEBhB7bYU-PM0AEvW2bWPko8F1Tlj32oqHdd8tgLTheGEHloVwDrHd2oi5coQlAl6iQqh4vqVMlLyP1tPlJXH2jSzyevjOclUG08qQV36UOIpE3xrMnqth2o2VwnJxsscQ1ihCkUwqzyMb4EKdbQL-KUNIf3LonsB_VxfTsr8E9zCIZT5MKtJ8QyPt884-2t_uxBSLFqj_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DDD 0
0 51ms
51ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=331297425063903&bg=!6uml6abNAAZxrfrxUa07ADQBe5WfOPo9bES8mn5kKUEg_S9B8knGSkLGPLop9V7zCBZ4roDQv-YToGUTm9TOcS2aFmSCAgAAAOxSAAAAAmgBB5kC_zclYqy0bVB4ikebPBrh-ueU9C4sCNnLESwlKNrwjuoS60gzZbN7Rp2VD3u9iXgfg0k1xHRrm6jpiQVU-bdefGHfAEy4ZbGBUoM599CgN5fckuY_5GbKw1k_NxovhZkiSKqzvZrjc7UYTZtFJamjYE4FLgj_xzefiCZzqU9w-cXGu9T1S2iFR1JlQDBW6z5sXllarcNUpFIumI1TN2peIbMeM5CmjWRx8CyRw9hQ3iMB0K4EPQzIcLzMK1xz4IgJsXub881W8EDE6reCisVAV-0mBF-jPnIISZM1f2ekTzIeq6PLW5ZK_Am1Rgeu9Xza7feALkyzx77C5IjZoPcMRTH1n0WPPYZenPbzibe2XKFEpCGSpzokoyGbmsSfHtgjqDE24ZBRaNtbaMClFqZKyano4H-wxmnY7kYhhsQiwlDrJIxeQbHkF5QclV_ojq8WZVMtBxKP4n2GfShtOVgsQXTvypMEZqWKEluZjuit5l_NNBxV68zluwJwq0psqwQDC-zfC_w97-ydkPHer_i11WUni07jdndWqD4S-QLuxY_4mf2s_InJHtKPBe287MiP_mcWC9GHZZSUEKzIKDpTsd1-ia9YxhKy4qJpkw7RCEFWLfhCLJTaD7K59TZGQUgV-D6JNfOTIxC3Gi2E9NE4m64EYq4Dgk9TfyuBmXcJHo4be2tdmyMGaapKL_ellHcZSf9LiR6U05d5cfKnj5NbZzD139k970Cmp7b3aapXg5ahulvPZeshsc-ZU-wYMd2CtgH8NYP0y8yCgvTNdkZP5PqiaR1G0MtS83xoD7UIEYO7XqqtEekSbW8PChrRqG7mYi8e_hxTgxgiqDkiff0cAERQG41QYIi7y95l_wNR8qmnuBckQJDDlytpKRd65Wf3wd4IRWIyqe51cApFpHTlSw_BuOyTuzppTwResFcj2ucc9gT0M07C1N6UDus-5AyiKlPrjOfMWobiV_1lmq8JdB_k7BbTL8ixm_DVNseKxk6yl4maw0zJ-kEdymFB_HHK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 72B0 0
0 49ms
49ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3453070837078636&bg=!JiWlJWrNAAZxrfrxUa07ADQBe5WfOExUnlPCyIhyuSwbBceu97jiORfgO2QR9eAJWBqv9L8oBv6cYOOzI0BikngptSCzAgAAAPFSAAAAAmgBB5kDD0Nk1dMeSxAUSh-fl-r8gF987FVrh6rl_3P2PGM-_UKK04Igasal7KxkQp0wpptejqPLTnI-Yw6vCgapEKAwCkzAZkCrigr98h3n8yxrD1S3lIIJplBWknK9rint8gr7lzeYNtZLl3EwG98EfAaawIMTzOmmzcU4WZ4uL_Mn2gokufOefzbhIoW23aMemICgyniRZre6eHAnAEO8KFbbQbjK-LcfQJY5Jaf-h6865kzIcBVqM-YOBg50bmn5SMDkMQqwMdeedQV8hVRZLc93_xZQ6iScmlgjbe5BHIxrK88faWqEirUzxpOWy66uoG0zj4mjnBmps4wp9gXcOGjNk3KDzmr-d4i2e0DPxP9nmLm6Lm9AiHPxsq3yRiYBhqLVw3WN5ifGJ-WIj6repSVu2UnL3EkZfvgtbRKvBe17Y2fEChxTToVfHmFzmXHZH85cuzDMuev0fq0BjEJAwFSRTsMQSOhJMMENdVfvZN9c8U46FXERMblMNyzESfc-xFRrZZdwDz_G-zKfZoZxSTqctZA5OUa6r2Qr_HecK6Lg-SHscnpl6kTMcemIFEkPdV7-uQNlqekc8xnsWl-sSkAWLCBIIHER18LCMsF1GEgPQkR2ALaF2_ybM5nrOFtctma_GjENIS8Zxr1RnhyqrVFCzUnHEy_PZTf8e_3RlvjqT-nz78YR5Hgsjd9Qfdctu9hzH2Y0F9aiKQKNaUPut6sfymteGyDuDjqrbIhv8sMMfkhv9hBreUqPH5KmSW8H0iQm7ODEbN1DVYaXyr82HBeg2giBQdhYO9XHLfaxTgx9HVguoGYzivB0wg1gpaIlxWEu0vmPm95zPoMbbeQTxwGPRO3o9_1-ozqM906bvUdQG5FVTGFj_vXZ87t-lyOLlzw_tRdUvKJDcll85Vgx3gRoINJfgY-XfLQAmOiZAZl03P4HdyiC2zM_m-3rdD4ObUrwmcg2LACnubxuxkhRQEA9VR4GRqzhp7PyUg2SxJDKlV4TiGfMMfyNG7ZDe1zusbG1tj1w-2TJNfMnm4vLJH-02w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 440F 0
0 50ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1325193152008963&bg=!PT6lPnHNAAZxrfrxUa07ADQBe5WfOBeToFfsrOTG1mNHdgFBhzbogkynqFy3_lPxR5RO6s-6BnTSxVTgCNlKArzTcHIxAgAAAPVSAAAAAWgBB5kC-D5_EK6B9INjcJtweHsINWJZCg3Q415sku4RnOI54Zatfe3OGZF3XMBYJ6UNugHWesYYJBemQ2snK5au7A91JLZz4F92SC6gtl5sn3eEl7Ne6oG7UPKoSNg5TRcqGMQCnEF2o801g0TxihQJajeAqG9EvD4t2Sw73TzwCnaSsPgacJCUNnSPNYmsAuS-It9bS40c04uG1E_aBRw-ilCakZborzdVcOsy586AAqV3buU6E9yVMWis_T9c5kn9VtHeq2evY26FDWuQYjA8kdr6WE-K7b9T8TRgrDAZncr7_3PzaHyGSEQFSHKNNbmXmIrXeXvRT6bT9WRzCpWK4MloGppoHQ9_c5wo0CrIjUvZ_XLZZ8ZuHrVr9QGZcqpunr9-nliZnXS6IJh8YMWG_2TXulzNyJk9AzGasylfbwcQz_F4GswEylYLAUgM7DFNOqpZf6KgHlIf97w-Awz8TesbM-5x8hmR1klGMNI-IwXSTe-af-uwIZKfpf6X3-eW5K6T8jadoYDCasg8Or3fOJsIOXWLNHEVpIsloc3FOzEVHFryupmE202-WxGrlvJFK4Cg7B0-JD7ewH7ORbxwBJRxAvFgWOshGxSM10ntcvVaRosWhDpA6qjFaosMTduDmMW7fUYjpAIT8WhkA9A6LIETr7xtdmrr8SqRCiWiO5J2jg3pFHC_cSPOClJ6gVbi4dGDHyUJ8yiS6F4L9mAz6nm0OxBEX2WtN8rHkoovKpJM5ZroF0gAn6rR6HnlEgUZ10Zk4u8zDp9ZC6N19OxzqoThYuPDuabf1J7ZQhWui8lFS7lXk51ukVJhl-rcD4oQH14WpG6IPUfVT4LCIX_2QtSN0CQpFwiUdA_5JtXgtuFlaP8uv9EZoCExIp59H4ppkevJQGm6jdJgL_Yv4ZuFA8UKzg2liutrzU6CMXecr44SmTcGMmcMiNExDFu638jRwZWwn6cQrlnRrAvacmdDKCL2eYCFhSw5ls4w_YlbDZ-61koD7C752gJaWEE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DC2D 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOTxa3qYH3KztRpWvt_QT_Jyrwqw5hwSrqNO0QXa_BeaMZ8jVnbXV8_M6HAVUcztjyeW4ugZHLsd9aEKPkr90qYfo_OGuQgUaATk65RVookEdxQ5cMzbWn2GYyOIi6ENmv0n02wyzjS2j0&sai=AMfl-YQ5utbYZYnJbULbPmJ6RyUW7fvnv2QgHdgVMiHnddv7VA3MsORWBmuN4Bd6CXQRigGzHZwJmoEHieNT2IB0o7QQzWHIK3SS764iMgJ7zEx22gApt89jROS-IGX86WvLXE_WwW9TsnhzLl0GKavV&sig=Cg0ArKJSzJ4CWWDZgTDpEAE&cid=CAQSTgDICaaN8Epm5egQ8vl6YJFhMPdCT8tPQnUzBH1PGx7PCxvsG6RMymy1eeaTP-YjyvcF6UZN5wtSyZwCoxbUQYM9JbEyZJYUlKdhrKJriRgB&id=ampim&o=1260,275&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=897&tls=1898&g=100&h=100&tt=1898&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6EFD 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0a1RSQwQWwSC0F5m7f3wvxjZatZvP8doCANM5uzQYDEf-QGVCECU6wp69Y-suMwR3xPH6jsI6w6yo-DkR0iyKLcYFnYh0ZzvT8dfX78Dm1jXOHk1UrE1OsjuKk7fZpOupVtsXEBEccOvoh04-nCdyqzbqwhohLxhz2qvPaGW1EWaY2H7zzoTbKu6cF3KA_kGwfmjvUR288EzKpP5Y1rrw7m7emSQs3WZ4J9uu3TN86WE1r6qhh5TJQu7GO9RG-z2Ce-7meBgE2LMkMWyBWUKA6aFPzVj9XmvCP3UCUVqUD_uvOMjtmAK2Y4BlY_e7dkdgS4PECSboAsWlbl0fK0djWl0B8i5ZBGudjA-SVcpwIURLUUG20VkgKBWSRYLjGiyKAuSE6fHBUYbZ6KlpeJ2S6MGHGoYBPAsSveY7a9XZs3xPvejMySv0U5lXtv3PQWARKf_M1v0ns4MgyxB9Q9FJq1bk5vWXzsVs1neXvTTvT25s5dI_qVGtN0O_W7iJf3OwkJsv6YcErVVBDbTxFKTXaWFQQiLCLV3TEfl33jvXHYD-MLjrmIQhtKIaZiOK19ucdq3RhknzqyEDl1uhDFOPULLVzxbz9HBonp8xJcQZLv6CCujDl9uT1h6AHQWpSgeK3omk0N2xXvMZsCnVoQUhEXY532c4Jn7D1nER9JoyFvAB6zyTitAENB8-Uap-NewOtxgkS8B800-G_4Sx1_dQ_U6zT1nSzKMWl1_YKKJxb4eVsBMFikV4OLQ8_668tZz9IFxMFCNRiFMzSiSEOWNHS7Lw0ZIGRoU_Oi_7YBDagVYuCNGGTAziFTY7zusMVtdTIVLA2I75M8zI2mQscgxmkmuC3KH5IensZFbdafFGHdPrb-aS3fMVK-6x0yr-1PG8NX7fGUmfrK5RWcCrhNiyFIyCnPf2T7x0B407KUpn0EIWXfAYoO2Pexaa4WqXq4p6txyRRew3wvIoFVsDRwsXKoRkCkHeXD4mb-IgnJh7KGdNgjzSc555GJCOtqLizIS8zWDfWOe7HjGvbr-CxpfWYWYLS6h-KhpuAIielCPb3uCmxe8wPLgSAEp4KGkOW9D70wtS1ThVLzNm_shuM5VyjM74yTG8P_wZiLl5Er6a9jgC0DJ1evR4F0YLUHKYFTn5McJuA28FEcq-UJtZ&sai=AMfl-YRHzneYNaTaaTZcDt_gEsrmgjHizipMFxDYzryn49SQiiV1LUmVp31ZAxc6WORS9K7_xw0Zq7gkaXchgWsXbW9sIr86n9N7UKc0lNMY8eQkDUUzhunbjC_GubDvmlc4n3DVNQgP_dnSk-kfX584UlYTAvCOCjP9iYDsDw&sig=Cg0ArKJSzPK7RMlTPCaSEAE&cid=CAQSTgDICaaNTBexePioRIunZd9ZjYbX9YofPmmJ_V3hwQKLHyQrHgeK8uk32y-gbKg_Z-Zoioof8qR0ASuVTWTJIQ2LM91k5k-mA02TZJmTJhgB&id=ampim&o=276,512&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=507&tls=1508&g=100&h=100&tt=1508&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DAF 0
0 50ms
50ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2074182313561847&bg=!dHeldzjNAAZxrfrxUa07ADQBe5WfOLqgleQPY6MDnQDkIlbgOckbXHykXtRv4O6x767I7xyEm1HxUniFa6p_-CX0bDqcAgAAAElSAAAAAWgBB5kDDExkoOXkHamRtt6eZIuPA6Ti4iNOs3R6VtLk1aSb7OBQq-eCIBEeVgJQXOSilvzhxuJFgvxX1L1553omfwu299TtL336ZrynevwbQ1X70xfDr4oipJ5itF1Yzs7lLBERh0NbtiXD_ZO3xzxkJaOhufirApCv62h4Jo720lH_cJTkPEU4zdw_sdODJyS4MFYIqyBT5BbQW-eV9TSueQZtUgh0Q255B5b14vfDPrGsX_879XxkLnJ1F7m-GO8VeI4S6JZ3_U1DOMMn1m4LuUPgaRbSXG5K5M1JgEdbJf66PRj-lD07ZyiMiN7diF0CVNA7f8UiUe0c5OXAoROBeCFxrcE68lypRTfQ0xHyVEzxsV5EvYtWQK9SIdlkRMwrgFomO6xuPaTzmr7qv1eFFEySpkF_dAYBUUnlEsPVLfenIOv_avo17qUOGBu61R1kEMoOy-PIihlkWTkOJdBD60R0u2Tg_jG7mOXa4VwJZytFWbmGM1dtUQgJ_mreLV9xfZlWFTA4BRZE7Hid4SeMN1FURtGEU9eQkWEmzN-lk9xTHY3VVfDfB7BvJuxs59POgxV9uI6iWLeyU-qtduHZemXyS9BEjrOfcWl_g1sPZiCetcgt7oHTVHCtSwoPPI1oBnIAuhgIzPV8USfLb0QaBsIrvWGHucVwNxnJB5hRuLsRzEvBiwQB2i8VzOVwQA55ANQ7dFXrrhb3ok2yRdNYba9k_Z8aPyU0JFdTYamgvBAcLH9UoN_TOWAQxD1BU2Dghx1UXPtRDDboYNU3GZUkfxUWEBfXwVyD4wE0WLP6nivxmt1-cOEk7JBadtmkzuDx44RNhD0Y-bQCKDlf8GXBEm8qBK4VIUO4cQRzeqBYvDfJZLFBB97MEeP2cce9F_bXPWVEGOKzhLKqiCGcckniemz2pCSRmyhaT3mAHSiuoVT13L__Vak66GtnJb08zzaMvTmnmkh7xJsxGBVpQe_41cXnXqmh3k5OLH0SuuNS7BIz2QVC-Q6M9CGEcbMWyT_TdEtUrS_r3igkgMJ44pmGAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=1392872817795943&bg=!NjWlNXrNAAZxrfrxUa07ADQBe5WfOMID7B-1TsWKOZ-c0NZcxTA71NKPb3o9hThia2s_11LDjiwy8JfVL8AuF6XQKcAGAgAAADdSAAAAAmgBB5kCuJNsdvFxlMMCeYZ7RlR1zuau1zRZw2DOMXCxb8v_1lPp4Sl1Z24sNATsqy_d0IhIsovgrsYPsnQkNQ8niu6KnrC4KYOBA-dueDNnkNRhIPYKaXZ8EcUCT0SpEDJjKidj-XmAfpT96rxghQsoj7W5Onf66LS-34LKqnc30r44btTRAT7FlsEFMvdzpK9ITQPm3oxbKyTpXvSkkr42kvG7nIqQ09sEMIEc5-qqzoSFKcrEbvTRxVzQ0l4SymGOYzC_RopyihkYAjH0GN6DxctiHZwqnxNSzqvtdXyFekGMBB7fOlrjDuUtIhPirR8-v5kESF1EnxWPL-WoZdTZXZyMbgoqbvyNFQ28TFyISV2bNlxdhkWj6L8JO9Tk38c-86S6gZ_FzDVHthvhZI8PnOIuJ9zalNnIgjLwSDv1gfCoW_OoGfiUF_G0uNjpNrv9Sb06Yk8UEXdFhiNg4dtk_z5JBayDHLlhjg8eUXcDEbDjvLBpc74eZs6KOt7qdkWwo9rTlOAZqCx1fKg18fam59RKwyBRKBwB03IoWrl8mN2qM4hdlBS9fGmsaYlGgOOcndmIWMWNHOQXiN2RkR5Sxsdp3oj7kCnmEN0w5SS0p8UgBfBUlsSdOrYPuWLmaC5KirlYhugHwZCdULdweLi1_87PqTKtF_3bA28EbYaDUt8H_7kJ4hGhc82TSRWOTrshmU4sBMGsmyueWJSvdB7fJkcL9h294374UTnITdQSy50WCUHE-RO4EJFeXJLSyYHdwR-yZlNKSuj5km5rYaXaptnkSGDLbwNkYqgGGqZ5jn73ecAMT9ZwBhual45pC11tWGP13CDbvsuRjuPKCsEjQ4tcuCLuOHrAZQzxHlEXRdWMhaPXkapGsdsKO1RGLih5sesEXe9a4dgk1mQaZMBbD7sITLHyzVAGlsnYDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9362 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=986940961677&version=m202309260101&ct=77&x=1&cor=708884208565407200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBRKLEJKHZ&gtm=45je3b81v9106472506&_p=1701099100256&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1137215634.1701099100&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=3&sid=1701099100&sct=1&seg=0&dl=https%3A%2F%2Fwww.tndeer.com%2F&dt=Tennessee%20Hunting%20%26%20Fishing%20Forum&en=exception&_ee=1&epn.style_id=2&ep.error_type=javascript&ep.error_message=ResizeObserver%20loop%20completed%20with%20undelivered%20notifications.&ep.error_location=https%3A%2F%2Fwww.tndeer.com%2F&epn.error_line_number=0&ep.fatal=false&_et=1587&tfd=7096
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBRKLEJKHZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tndeer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 15:31:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tndeer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 129ms
129ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=wDHBeByQJEZmkKqwVnJEHCVaZFJDSmhg-FE7fPshldVrrKD4c03zIFUjD-E03BPc1maVvnMQ==&pm_ct=14347892e37237b11cd95a33&pm_pl=1701099102073&pm_td=6729&pid=1000177&en=1.1&callback=__pm_glbl_1S7zRll7gDlE64im3MZELvwk._gc4&tt=opt&v=a6bb4ea
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Mon, 27 Nov 2023 15:31:48 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
270 B 129ms
128ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=wDHBeByQJEZmkKqwVnJEHCVaZFJDSmhg-FE7fPshldVrrKD4c03zIFUjD-E03BPc1maVvnMQ==&pm_ct=14347892e37237b11cd95a33&pm_pl=1701099102073&pm_td=7029&pid=1000177&en=1.1&callback=__pm_glbl_1S7zRll7gDlE64im3MZELvwk._gc5&tt=opt&v=a6bb4ea
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tndeer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tndeer.com
Date: Mon, 27 Nov 2023 15:31:49 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lb.eu-1-id5-sync.com
URL: https://lb.eu-1-id5-sync.com/lb/v1

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tndeer.com/	1970-01-21 02:07:39	Name: _ga Value: GA1.1.1137215634.1701099100
.tndeer.com/	1970-01-21 01:17:15	Name: cf_clearance Value: P7pbEu1lYzPnHgzlSRU3jZ2VPQeqJyY_L4X93pPtSyU-1701099101-0-1-2799baed.c592c874.1506216b-0.2.1701099101
www.tndeer.com/	1970-01-20 17:14:51	Name: xf_dbtechSecuritySession Value: 311a4d6d89531d2dfc90a251731611db
www.tndeer.com/	1969-12-31 23:59:59	Name: xf_csrf Value: C7d_LQDRrckyge3Y
www.tndeer.com/	1970-01-20 17:14:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.tndeer.com/	1970-01-21 02:07:39	Name: _ga_CBRKLEJKHZ Value: GS1.1.1701099100.1.0.1701099101.0.0.0
www.tndeer.com/	1970-01-20 16:33:05	Name: pmtimesig Value: [[1701099102170,0]]
.adtelligent.com/	1970-01-20 18:00:55	Name: vmuid Value: 586d7c5c2f4fc199
.doubleclick.net/	1970-01-21 01:53:15	Name: IDE Value: AHWqTUkTUrM7Rfb4QJoicd2twN2fqdXS54oJprH5TG3mw6UQzo48eW8Gp4mT1Ud0c2o
.doubleclick.net/	1970-01-20 16:31:42	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 18:41:15	Name: uuid2 Value: 8677925644859954935
.casalemedia.com/	1970-01-21 01:17:15	Name: CMID Value: ZWS2X2TKbSXkEknC8i9fFwAA
.casalemedia.com/	1970-01-20 18:41:15	Name: CMPS Value: 2141
.casalemedia.com/	1970-01-20 18:41:15	Name: CMPRO Value: 2141
.adnxs.com/	1970-01-20 18:41:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVp3j%0!]tbPl1M>e)ZlrFUfJ+tGXxp?IJmTR_``!aFQp'j:yh1jIM#>RYZUljTC/#b3If)y3KL9D3I?+Tqpa.S
.doubleclick.net/	1970-01-20 20:50:51	Name: APC Value: AfxxVi79OjJ13ScIU9skGSy2Z3e-xqmCRLak4lOWOK-Esvv4ng3S7w
.quantserve.com/	1970-01-20 18:41:15	Name: d Value: EHEBCQHDKoEA
.quantserve.com/	1970-01-21 02:01:53	Name: mc Value: 6564b660-2dca0-4f0d9-a9ea0
.blismedia.com/	1970-01-21 01:17:19	Name: b Value: 6564B6606A0B3026E19E2CC7BLIS
.simpli.fi/	1970-01-21 01:18:41	Name: suid Value: 7BA0FC1F09DC4F62A97998A84C3B3642
.doubleclick.net/	1970-01-20 17:14:51	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 16:31:40	Name: test_cookie Value: CheckForPermission
.tndeer.com/	1970-01-21 01:53:15	Name: __gads Value: ID=607376b95895af30:T=1701099102:RT=1701099102:S=ALNI_MYdTQM2_edatcsW52OiLacf8HcnUA
.tndeer.com/	1970-01-21 01:53:15	Name: __gpi Value: UID=00000ce7fc2a4a44:T=1701099102:RT=1701099102:S=ALNI_MZckoNCZ880xdU8zC_XBuVlA-fQNQ
.redintelligence.net/	1970-01-20 18:41:15	Name: 8lcfmzhxc8d6_uid Value: 9bc2fe0a455b46c1
.googleadservices.com/	1970-01-20 18:41:15	Name: ar_debug Value: 1
.awin1.com/	1970-01-20 16:34:31	Name: awpv55355 Value: 296283\|1701099105\|12b7d080-8d3a-11ee-b3f6-2239b4908fbf
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 471991:3458780
.adform.net/	1970-01-20 17:14:51	Name: C Value: 1
.adform.net/	1970-01-20 17:58:03	Name: uid Value: 6870773032344735278
.t23.intelliad.de/	1970-01-20 18:55:39	Name: iact Value: 0001CF252FC0ACFAF095868FD4CBFF0959D7
.t23.intelliad.de/	1970-01-20 18:55:39	Name: iaimp_42842 Value: 1701099105:42842:100:137:101:248:101:20231127153145763992427d37f1ee
.tribalfusion.com/	1970-01-20 18:41:15	Name: ANON_ID Value: aVnteZbpyXahbqiVRFVm8ZaX855tdNF2t4QpZdZbvd1R3fRqYlZatmM3sZbS5sEDDvXEZduDAHtMd5m6Si2ct2SrwFqMILarooUGZa4H
.yahoo.com/	1970-01-21 01:17:36	Name: A3 Value: d=AQABBGK2ZGUCEG6BaC58plKsJndCiHkqCeMFEgEBAQEHZmVuZQAAAAAA_eMAAA&S=AQAAAmanp3LnR_owyNgHaEfkUSA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.tndeer.com/login/keep-alive Message: Failed to load resource: the server responded with a status of 403 ()
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt(Line 1) Message: Failed to create WebGPU Context Provider
security	warning	URL: https://tagan.adlightning.com/advally-dildymedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/advally-dildymedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/advally-dildymedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/advally-dildymedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmQock49oNSRvIAZYO0WbKNN9VsCLPksR37dtwX3uBQWSDngEPQmpHiHp8KwT2ZMOvyI5YJO31bj7U00eGugExAadXcOxftM7dI&google_gid=CAESEOguIzqraEUxwytxLHF7J-0&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d485bdf2009050f573521b711f2c84c.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
app.convertbox.com
assets.revcontent.com
c1.adform.net
cd.connatix.com
cdn.adligature.com
cdn.ampproject.org
cdn.convertbox.com
cds.connatix.com
cm.g.doubleclick.net
cms.quantserve.com
data.ad-score.com
data.www.tndeer.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.bunny.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idrs.adtelligent.com
images.revcontent.com
img.revcontent.com
js.ad-score.com
lb.eu-1-id5-sync.com
m.exactag.com
onetag-sys.com
pagead2.googlesyndication.com
polyfill.io
pr-bh.ybp.yahoo.com
pro.ip-api.com
region1.google-analytics.com
s.tribalfusion.com
securepubads.g.doubleclick.net
sync.teads.tv
t23.intelliad.de
tagan.adlightning.com
tpc.googlesyndication.com
tr.blismedia.com
trends.revcontent.com
um.simpli.fi
us-central1-wrapper-analytics-prod.cloudfunctions.net
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypalobjects.com
www.tndeer.com
x.bidswitch.net
yeet.revcontent.com
lb.eu-1-id5-sync.com
104.18.36.155
130.211.115.4
131.153.158.209
138.201.63.164
142.250.184.198
142.250.186.66
162.19.138.117
172.217.18.102
172.64.146.152
178.250.1.9
18.155.153.100
18.200.141.183
18.239.83.111
192.229.221.25
2001:4860:4802:32::36
2001:4860:4802:36::36
213.202.235.9
216.58.206.34
23.192.250.178
23.35.236.201
23.35.237.56
2400:52e0:1e00::1080:1
2600:9000:2453:6e00:a:deb0:3380:93a1
2606:4700:20::681a:4e9
2606:4700:20::681a:5e9
2606:4700:20::ac43:47e0
2606:4700::6812:18ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a02:2638:3::c
2a04:4e42:e00::282
2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e
2a06:98c1:3121::3
34.96.105.8
35.157.183.113
35.204.158.49
35.244.174.68
37.157.4.28
37.252.171.53
51.38.120.206
51.77.64.70
52.29.112.162
52.73.25.207
54.230.206.114
54.230.206.3
62.149.0.74
78.46.23.46
0077dda9560e1ff3171a016d7390330796612e54619094f5bafe6b5314e2eb8f
011be7f5755a0c6d8620996ce48883393f6441cb58c177c38849765451d5e927
03137002ec7e03a0f9a4c4e9e53c690ca2599f0a8181fe829e4da581ec872151
0348df232619aeecfe90d1be46cbb394c767bce31b0628a278d5e11038119497
0432a8c739161743aa1044a11fdc34faa6392538049c6edd076ec6938a49b86c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0909dbc26f47af7b16995e780171b18fa4c6c2ddef7acdba5a5e341f86beeae9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ea6f940235ca77ac74063cefb01fcd7a33dd49dad51011bb802014365351c64
101fa90a4a7a7ceb319c062872e88d251c8090de2c8de1f66ee133d1c9c1654c
11f3420a93d9aa6752a128166fe00e11476c29a7fe6c4f49814861059c9b1a86
134b8358f748654f943f94b6545d8a014f899ec896d99f529357938d47907dc4
160e32764ded505871be99b036f22876a1e5d7f05f9906fe70dc1abf11dd7a82
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189f4e8854b6ef11dbf4e25cf2b093945fa888725ea37cb448a7a6b5d3f2a4ef
18d832fd72d745c5012a876befccc5fbe359b001e5a40203aea625a17fe79573
18dd7e18ad05cb33ee6730c5cfe190b0eeb8dc6926130df15bd634b2a7cb94a6
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19e5bba196af5003764bebcaa42d11db2aa66a6cf7b4d1ab88b5a63f8d32c3cc
1a8190a5778002ac41b4ceeca034a6529a118c50999761b33f26174b243b1837
1ac45add80ea63b7d6b0ce78678a28ae818218e25c7d7eb0631de430c81a6bbe
1ad5e0ebff4f77802ba9adf510db1eccd513a6e259f12f8fa983b9eb770849e4
1b6e32e95a93e8736f111d9d82a867680cba9554cb72a3e8bc29210fc6623bd6
1c892d3ab7b8c4bfd83340e7c41a6862db12b0162b7204f1c241cc776298e5f1
1e74523435569a88cc1e56ca8bc8002e0d77273d9844ee715e2276a82f97a9c7
21deb1667f7cbdce60b56a7e193c713fd3bb6e13a3feb038c947a731f961157b
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
29ff5b61d67b04b502567f7506887bd05acc5f80071ae1857dec19b4701eda79
2bd698b8eefa2aa6b874101dd009d3ccb2459c80a605d210d44c9f343818c361
2c7135ffd3e35b2202aa38f64113c71354f14bcecfdafb8cfd706174a96a2f41
2c94acfef433b1567e01633449e962bbf707c7fa746a4d1597bcafcceffe4cbf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
30df7aa36b3c479c5a54321bfd65dd05ec84751d57ca9ac105a739663142146b
30fbbb674b9b7ca70ef66cbcf6b67a0a9b500d41220f8128ff73982e70207e1e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
395173b4e81a86400000a80ec25d3c33f88369a1fd456b61a3bb4d31088af0c4
3ace35f59348f03f1ea4da7b5917ea1b6a35c3ced8ef232b36d10a7efe0388df
3bc95ecf6690db0389e41ee9da7cc24042b976f9f69c4ec0db612f36a6799ddb
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c73fc288062800976f6c9ca11797a000eb3f7d852125d39aae551ec714c4da4
3ce4cdd30de127e9149802f89d52fd50c212576cc5ccb086e75184cd9360deab
3df2afa7f9ac0ccddd8df9153c81b19dadce393bca37a4052ea65a9f18aa673d
3fd29e749d28208486ea5c0e69edff60bc888ca4756700f94696d8f014409b74
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43212842f704bdb959365fc06396f755696c934ad183eab4f1163421bb196126
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4410bdbb21d2f1f8e1b8765df9dd205506412301a8588e1c90967e98588416a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45141524eff33a3e4e7b9ecea87c24c12f3c1f485b30b655dcdc16a587bb6f9c
45e6a059898dbd05c593df541d6eaf5df48c1717c39acf82d8a9870d9ab038ea
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4725efe20817a85f0c0ac2ec58fcd4c5f5840dcebf83a5121aa3b7a3c05f0732
496070d4e9503642b0ec489d7b00d6d0f1680d0fad5b6d0cdafaa482ab1a706e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb726f7d11b0e22a40ae1aa1e7e3c70b77274a439432778cca9b9248889bc80
4da97356ee186defd95202d9390acfa41dc7e04b278f5f38c2256a0eb2997d5b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef02844590d098ccffda3c82f39cd118f80164c4817421e421601773c90395d
5106524f7a1ca62f280232547317aa33adc1542d6cbca8ac2003514dabb1cf2b
511b5ad11c6729baf45b395c053ebbdd80505f34594034e93ad51509fffdbe50
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57065bc463b29fc004883b9b30534e54345cf431c8a448ea637d0432f1d26af6
57216922cd65c620a07a0548a61d22a4f57f2549121ba228ac329b052b81c405
58444a8fc8268f61d80ff7504ae17ba5bffe2b248f5c11a82b5dff80327277c8
5b14e5107dd8ee33c7263894f875c6638ed13cc42590a7d698b86a834acd9935
5d827fff167e3e0dd80812592a22621df80fda7610a0ed3a07ca49f94abe41e3
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60b7b647f791867dc45411e8424b4200b20a6a8babb561988708465db36f0941
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6225d3a3a1e538d327b7654cd364041767e3002cab0110b03dd6eadacb13fd07
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62537b4423aec64808eb580c3c8084e5fcf93653782ae184f6ddba43e55159ee
630eec7ae1b7276f80f4f73ce4f66c77e851f79735e999dde4104e319c913388
63abb88648e3d6eb344ff6558bcb01a9213f139d9f152473397f9f349409791c
64405e8eefca66616fb66cf9f569fc442ba15a5f2986f9f92b1d5b9288d15282
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663b6ee7aa492eb9f52fc2e27854323d8a9c13bde3989a011495c60c5b9c164b
69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6c6dfed624e6acf831c5bc6bf1cf8ffe681c066bf5cf971e0d1a2bc731d0d0b5
6e9f344a1e9f4ee7d963030a61fb3899d5385f4f7db6b4f95f11d72875a0a494
71303a8437ca4348303e7da30bb941cae07ff524606986b98f035d8ff27d783e
734ffd9136c836e8b46b732c94fd914691d8b52b4bb6095dbbec66d5b5151d78
74f6f03c83fa50f72399c46ffcda3b717020a83dc1ebb4ded1a711df85a5b7ae
75972da54189e28b01a88745c0a5c7e7bcdeb0dc9bec9b6f140f3e1231f9697f
766846626c148cf45c1fd06e2422a0b0cc779f7e40cd6ceb270ed645d6dcc26a
7692c4625924e49d23c756b45736128f30384a52f1ffce6f21f56e8f2deb0131
76c9aca0e08033189d268816f63efa0a635fe7bba4f3add2f5453a2b8f067ccf
78c2575236cd9a473547dd660c31112d35cadeadddeffb44b75f53732b89e231
7949df9ca0a3188509c8b87352e4be45a6a5fb6c07b15dfbd2979e35d932052e
7c10c7906e64455b53213ff0702e322d5202a2558c3849c3b1248b70563610a3
7dc510655449201bfd09042134fdf6d87f880f124d04725e5ad3613b49fcb873
7dcec0f5282283aaa7b41676ab70d779851f93c0a0e0fb8db6c389a323dec01f
7f3502871ebebf767e2dd0ff47d71900de44c714070e83de2032bfb4d8fe2a19
7fba7ef0cc63de78b76dfb003897241b500f195fcf2036799a45514aa89865d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
859994375fdfe2ba9d797ba777968e70b970a5c7106c0c048c9d71333c1dc9cb
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
88727cf9f6779c276bb3f021ae78aa7e3adcb117de3a206e1388c4f69138e17a
88e4df2156dd03cf9beb7da7d401b39c7426c9f45ac869bf9ebd1cac6c57df2e
89c72a5deff252d0a3f5d06dfb415a434475646662133ac457b45260e378984a
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8e7d306c3057d700ef8afb2306b2fd1bb817e270e84ffd03662c94690eb51dff
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
913ed9985ccfa1581c12ace27af68e2b534719a4777e9c526f31b69f3bd1f3c2
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
94de7406e41e81c415233788d66f21c5a22ebe1792154029f50a29109ead61f4
95c87df546521da99c84acb1144da3a398979e91a869a54c28e6732647c6c8df
97641f2b665d07d6503a980d748f83b6f500f51976724a5c29a51db5a13f9750
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9844027c58bfec81c80cb60feeb9225b7e48720431d650bc5d793c30cd0b13d1
9956c3649fb7b80d4ffbb0f8ed651b9dbc4f5f8b4335c874d64835a6d17e6aa7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3a5247c27c9025fb8e2c12b2cd77255c02822a26fa26a90c7ffafa22082a3e
9cec7550d36bbd2a1bd71e990b67911121ddabac57d2e4608d687c48ee14481a
9e7c8bcec9a2fffd71a6e9d63e83a6461758b3209c7a161cca5f09b72a033ef3
9f0a80b3291b7d696bf6cdd72d218a575ab728001bce13d3c17d62ae8aad0693
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23c9d2626cefeb8d2d8c1a19597f8a68211c272df78a64ffd893898b33a2b69
a2b8c8b9fe0235f0bcd7a7cade8ef242b51391f40fbfb4e93259b96cd42bc683
a3958d21c3bdbd67d11232dda9f24c0df7335a6235c00bfb3b569cffad39f25f
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb
a6fdde501307bb3208921e83f265ef4aa92daebc138cbc50eee613dfc9f26a2e
a755449d5dd847a3a7997f0b14a74f13e3432db00e90e4391c8ca9b722e435d3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae8bab72cfd5ae831f537aab2a86ce0426dea5c815d876be32fdc164a06b8427
aea7e17f4010e12e77894178e1b5e1f35c65b7313868e1da18c198ed4e78f0dd
af2566d6610a2f159ef090099a5111f923f385699156c16acbdeea98ea8f248d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d7f033e4dda1d18a4adc9493929cede1f8baecd9b8173317e13a40fa8eb5b9
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6682dbd88ac0420d00dc01aaf362d19c8f3338091718f1144052c3e586cdf3b
b9a1492be256f52d3e6274e5fd8124d8c7a3cb6dd1de205cb1ce0fa64a031ca6
ba7570386407f52b0870906be17a771dc0af509c9cfee072f08af860793f5756
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c80642168462919335f16eb4eec6e93ab305b253d096866526c83f096df93dac
c97c5960d4b1d23cfdcadfc0679235cdf33449b60b73f774377553e8b0826ce6
cab1723e8ad2e0028772a6db16ade61e00de13c7fad16f19615ac5af3cdb257e
ce173931b9f0594fc8dcf527741f970184965bfa09a83d00eb491f94ee9378d8
ce7b4ef66f11416905fff188cd5d169aadfae521a8eda4da8b2e4f37be9a803a
cea69a4c170f5d1b929e98592b90b6fd361fff660c55dfe56ffa3cef40901ccd
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0c8c1e1ec7036605b85a647b52935bfa22451a8a0569334d4ca63a8bb25cbb3
d4d09bb1405de1b788b1fc273e11b44c0fb9a9b7c207e299793c030bd4e59720
d62e75c1fd4bc4864d8b3003057972ab9987ec702f6fa98d4008e7c09a00e0ce
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8f60415fa4a6eade5d64bdc5a78dfed81152be549a89cac89ac684f604789b0
d908609db44dffd9ede2d752207cfe8d6868f3259bcea44fd7d0eea74a4b520e
da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058
db017224d253dbf31c832cdde46f693ca293b1d837712fd7329b63c7d956fc8c
db577e4c4f984cbe2540c61503b7af34f55d99c47faf0949c717261b761ddf37
e001977ff2382c9c29eae2d01312840836eb92f86c24a45e5fe76e1d23f2fcdf
e10ea4452e141196072777fb6998faa4ed260b2343454753f335bd09a79ef8e0
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b58d468e50c41483bbc44fdcebcb3dd8ae11d7d8bad36d43d38fcdcad5b321
e3da7ab822d0d7628b49dc629d4ce9a9ac0dd985f4e4e14b92a09ff92e6325ae
e46b0b71976e3afde4370a2ad7492ac68bf5bc0ccd8a4c6594a86a8fc739a965
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66211caa8e447d49c64848441d600a2016cfea2194bfe8eb27525e891966b4e
e6c70b0479ffad4b72537c76f50f86531a7de1d2cc9103a4f090572e0410bf1a
e8548e68a845ea4998a36c690829772b8c8176e4b4bbf00ac77615bc4b282f84
e945c46ba2f4c23036c8b23773bed087b801b83e06105e9a2da951983dbce272
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eea6887055bb9eadc4d50742ed8a4ece69474937e2a423900644d3cbcd06f8e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
efa88b8dc96254bd99bd949e20c01e54add68bbb4d0ae3bba1b84779c49792b5
efbf880354b4a5d269e537e95eaac5f228c4692ec65052ade9988f3b7e4d379c
f091a905809fb7d03b500c2f625fe8c2cb16fe04a2fd40b9712ac16807f29387
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fab5ec0471d4929074a8b22131f02fcd5daf41e66172a0adb5ba572eac1940cf
fcb3a9431473b7910939fa3fc10af410097b0f09db38a549512a03f4fd8c997f
fd4724fd98e33cf4e02cea12c98f723a766913a057a852efa8659d6afa4bab0f
fe6d1a6fa6e449729b0a5207328be1e02d7419e6662b9f87a68c6433fdc80962
fe812aab4cb12c1074617d56963eedafc816f1d73b36a619ef887833d808d01c

www.tndeer.com Open in urlscan Pro 2606:4700:20::681a:5e9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

388 Requests

91 %HTTPS

44 %IPv6

44 Domains

63 Subdomains

55 IPs

8 Countries

5380 kBTransfer

15140 kBSize

34 Cookies

12 Outgoing links

Page URL History

Redirected requests

388 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tndeer.com Open in urlscan Pro
2606:4700:20::681a:5e9 Public Scan

Screenshot
Live screenshot

Full Image

388
Requests

91 %
HTTPS

44 %
IPv6

44
Domains

63
Subdomains

55
IPs

8
Countries

5380 kB
Transfer

15140 kB
Size

34
Cookies

388 HTTP transactions
22 data transactions