theadcode.co Open in urlscan Pro
2606:4700:3030::ac43:bb9b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://redirected.ooguy.com/1701416Pn2590750RR410800390dj12634fy2mBr100084cR
Effective URL:
https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&...
Submission: On October 06 via api (October 6th 2020, 9:11:35 pm UTC) from BE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3030::ac43:bb9b, located in United States and belongs to CLOUDFLARENET, US. The main domain is theadcode.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2020. Valid for: a year.

This is the only time theadcode.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.196.63.76 52.196.63.76	16509 (AMAZON-02) (AMAZON-02)
1 1	103.9.77.109 103.9.77.109	45899 (VNPT-AS-V...) (VNPT-AS-VN VNPT Corp)
1 3	3.212.216.198 3.212.216.198	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3034::681f:41d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3030::ac43:bb9b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3036::681f:4c4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
2	68.183.157.211 68.183.157.211	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	151.101.112.217 151.101.112.217	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
42	12

1 52.196.63.76 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-63-76.ap-northeast-1.compute.amazonaws.com

redirected.ooguy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.9.77.109 (Ho Chi Minh City, Viet Nam) 1 redirects

ASN45899 (VNPT-AS-VN VNPT Corp, VN)

www.stayonlinkfor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.212.216.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-216-198.compute-1.amazonaws.com

mediadifferenz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::681f:41d1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trk.tct4.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::ac43:bb9b (United States)

ASN13335 (CLOUDFLARENET, US)

theadcode.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::681f:4c4a (United States)

ASN13335 (CLOUDFLARENET, US)

tct1.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.157.211 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server1.wpcc.io

wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	theadcode.co theadcode.co	907 KB
6	tct1.co tct1.co	147 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	37 KB
5	gstatic.com fonts.gstatic.com	61 KB
4	cloudflare.com cdnjs.cloudflare.com	85 KB
3	mediadifferenz.com 1 redirects mediadifferenz.com	4 KB
2	facebook.net connect.facebook.net	92 KB
2	wpcc.io wpcc.io	5 KB
1	facebook.com www.facebook.com	262 B
1	vimeo.com player.vimeo.com
1	bootstrapcdn.com stackpath.bootstrapcdn.com	23 KB
1	tct4.co 1 redirects trk.tct4.co	2 KB
1	stayonlinkfor.com 1 redirects www.stayonlinkfor.com	620 B
1	ooguy.com 1 redirects redirected.ooguy.com	322 B
42	14

	Domain	Requested by
12	theadcode.co	mediadifferenz.com theadcode.co
6	tct1.co	theadcode.co ajax.googleapis.com tct1.co
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	theadcode.co
4	cdnjs.cloudflare.com	theadcode.co cdnjs.cloudflare.com
3	mediadifferenz.com	1 redirects mediadifferenz.com
2	connect.facebook.net	tct1.co connect.facebook.net
2	wpcc.io	theadcode.co
1	www.facebook.com	theadcode.co
1	player.vimeo.com	theadcode.co
1	ajax.googleapis.com	theadcode.co
1	stackpath.bootstrapcdn.com	theadcode.co
1	trk.tct4.co	1 redirects
1	www.stayonlinkfor.com	1 redirects
1	redirected.ooguy.com	1 redirects
42	15

This site contains no links.

Subject Issuer	Validity	Valid
mediadifferenz.com Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-13` - `2021-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
wpcc.io Sectigo RSA Domain Validation Secure Server CA	`2020-06-22` - `2021-06-22`	a year	crt.sh
vimeo.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-07` - `2021-04-24`	9 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Frame ID: 6690802C4A5135E5D781E7C92D68DB07
Requests: 41 HTTP requests in this frame

Frame: https://player.vimeo.com/video/352263888?autoplay=1&title=0&byline=0&portrait=0
Frame ID: 494B55D1A65B50CB6553C3E331E6BC56
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://redirected.ooguy.com/1701416Pn2590750RR410800390dj12634fy2mBr100084cR HTTP 302
http://www.stayonlinkfor.com/5C37GQ6/6C1RC9L/?sub1=1701416&sub2=8b-1701416-2590750-100084-12634-410800390 HTTP 302
https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa00... Page URL
http://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%2... HTTP 301
https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%2... Page URL
https://trk.tct4.co/aff_c?offer_id=26&aff_id=1067&aff_sub2=1382421106cdd729c3be1602018674&aff_su... HTTP 302
https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

42
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

12
IPs

6
Countries

1359 kB
Transfer

2123 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://redirected.ooguy.com/1701416Pn2590750RR410800390dj12634fy2mBr100084cR HTTP 302
http://www.stayonlinkfor.com/5C37GQ6/6C1RC9L/?sub1=1701416&sub2=8b-1701416-2590750-100084-12634-410800390 HTTP 302
https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site= Page URL
http://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2 HTTP 301
https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2 Page URL
https://trk.tct4.co/aff_c?offer_id=26&aff_id=1067&aff_sub2=1382421106cdd729c3be1602018674&aff_sub=1737_ HTTP 302
https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://redirected.ooguy.com/1701416Pn2590750RR410800390dj12634fy2mBr100084cR HTTP 302
http://www.stayonlinkfor.com/5C37GQ6/6C1RC9L/?sub1=1701416&sub2=8b-1701416-2590750-100084-12634-410800390 HTTP 302
https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=

Request Chain 1

http://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2 HTTP 301
https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY Show response
mediadifferenz.com/view/
Redirect Chain

http://redirected.ooguy.com/1701416Pn2590750RR410800390dj12634fy2mBr100084cR
http://www.stayonlinkfor.com/5C37GQ6/6C1RC9L/?sub1=1701416&sub2=8b-1701416-2590750-100084-12634-410800390
https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=

322 B
1 KB

388ms
160ms

Document
text/html

3.212.216.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.216.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-216-198.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 79ec3c89f6779b19c9648037856c58ecb5387ee7c26fbecda88cb5a6c225b400

Request headers

:method: GET
:authority: mediadifferenz.com
:scheme: https
:path: /view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 06 Oct 2020 21:11:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALBTG=KZeHA+EfiOsY+Hiq5CxJGUOkWPajrs6YWg2CFRKx8kBJzlVbkcn3y8Orj4dWrZTaZ0os4RBy7v57APEvBNXQokxQXOfD18lQz051AKVGNa+r5vEyfLsgnZ8HMW1YWFAykpFNY6PTHHq3Dh/90Q9D6XCqfkIv7/RVl7gx9jnsONj6sSiZkUQ=; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/ AWSALBTGCORS=KZeHA+EfiOsY+Hiq5CxJGUOkWPajrs6YWg2CFRKx8kBJzlVbkcn3y8Orj4dWrZTaZ0os4RBy7v57APEvBNXQokxQXOfD18lQz051AKVGNa+r5vEyfLsgnZ8HMW1YWFAykpFNY6PTHHq3Dh/90Q9D6XCqfkIv7/RVl7gx9jnsONj6sSiZkUQ=; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/; SameSite=None; Secure AWSALB=C388fbctFNqQVcpyLDosBVIEgYcwJutkWw/1pJm6/N6YqdYsQ7zZ5LZWYDxFRb1ORLSAtkEtaHcvxjpWE9jyfDPUbW32O3JdknL0YTxyuFTrK/8otXfSpaRv15EY; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/ AWSALBCORS=C388fbctFNqQVcpyLDosBVIEgYcwJutkWw/1pJm6/N6YqdYsQ7zZ5LZWYDxFRb1ORLSAtkEtaHcvxjpWE9jyfDPUbW32O3JdknL0YTxyuFTrK/8otXfSpaRv15EY; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/; SameSite=None; Secure PHPSESSID=o87cviavej29v7en18ncu7frsa; path=/
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 06 Oct 2020 21:11:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 170
Location: https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=
Set-Cookie: uniqueClick_6C1RC9L=37c2231e-a9dc-43f2-891c-82fd450526f6:1602018674; Path=/; Expires=Thu, 05 Nov 2020 21:11:14 GMT; SameSite=None transaction_id=edaa0035b404489da1c844e261abfa5f; Path=/; Expires=Mon, 04 Jan 2021 21:11:14 GMT; SameSite=None
Vary: Origin
X-Eflow-Request-Id: b067a5e1-8771-4b7b-8d98-d4a3776ceef1

GET
H2

200

hrfp Show response
mediadifferenz.com/
Redirect Chain

http://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2
https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2

153 B
1 KB

115ms
114ms

Document
text/html

3.212.216.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2
Requested by: Host: mediadifferenz.com
URL: https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.216.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-216-198.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5cc74fa40c6f09b2c4ad5cda37e8f68f9840020204c7e03a0fe277509c8fc0fa

Request headers

:method: GET
:authority: mediadifferenz.com
:scheme: https
:path: /hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AWSALBTGCORS=KZeHA+EfiOsY+Hiq5CxJGUOkWPajrs6YWg2CFRKx8kBJzlVbkcn3y8Orj4dWrZTaZ0os4RBy7v57APEvBNXQokxQXOfD18lQz051AKVGNa+r5vEyfLsgnZ8HMW1YWFAykpFNY6PTHHq3Dh/90Q9D6XCqfkIv7/RVl7gx9jnsONj6sSiZkUQ=; AWSALBCORS=C388fbctFNqQVcpyLDosBVIEgYcwJutkWw/1pJm6/N6YqdYsQ7zZ5LZWYDxFRb1ORLSAtkEtaHcvxjpWE9jyfDPUbW32O3JdknL0YTxyuFTrK/8otXfSpaRv15EY; PHPSESSID=o87cviavej29v7en18ncu7frsa; AWSALBTG=bykzIxfiJ9AJxAiJ4fue/Vyj09dyfMdgtTfxIT3mLQkXrHdae4UjTaFPInLsI08unxRkCTG2XQEZf8aORmhsbjW4CWpbd5/duyz9oziK03JV8/SGsLDBNAmcPt4IxkqjFos7JV6mFmib2r3Oq2M3+H/aOMG0K27yjryXmTuq7PSU0G8PpexOz071SJ0K0WxoP3cOgYeongrBMBSX4ocZi2W47H06QMaLuIHRlyqgp5AXNZ58lMNeJwiZcuR5XhLheL6ob5ZKwySH5w==; AWSALB=jhq3LFnkQhL2bcah0S/UDhOtwUrLSyPyCtwTeuvmXvi7vUAHrsUkGzUsA8GhSu1iCSO5mQExrHP5JUFfE6pY4fGK9wcGSxk5Rp+6667YTnX9KGRCSdJ/gmPS4XSbYZaVSeIIvIrgtEN5BmQloM/GSgh/sHOdQztrMFhnvL0gO6VAG93THRRPiCzUv18t4w==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mediadifferenz.com/view/AU0T47S0B9aS0bAhIoBf2TMj8iP6ssHw4v1IbsiRJHY?c=31310&pid=1737&tid=edaa0035b404489da1c844e261abfa5f&site=

Response headers

status: 200
date: Tue, 06 Oct 2020 21:11:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALBTG=jp0v/gCQS6UfSU4OKydSbmOtGbRBVAt/ckOmPZmY7HQOor7fUXd4BreIIlyTFO3M5wJQ8iwSx6laqrxOWLJ0FN4eJiUXHuHeldCmCSUdK6/DVt6I/kelRw+UhpXbcutcxzrst0dxCtlbfih9cSNUxc/WWetK5VqaBccHC0/Lbh075e+4MNs=; Expires=Tue, 13 Oct 2020 21:11:15 GMT; Path=/ AWSALBTGCORS=jp0v/gCQS6UfSU4OKydSbmOtGbRBVAt/ckOmPZmY7HQOor7fUXd4BreIIlyTFO3M5wJQ8iwSx6laqrxOWLJ0FN4eJiUXHuHeldCmCSUdK6/DVt6I/kelRw+UhpXbcutcxzrst0dxCtlbfih9cSNUxc/WWetK5VqaBccHC0/Lbh075e+4MNs=; Expires=Tue, 13 Oct 2020 21:11:15 GMT; Path=/; SameSite=None; Secure AWSALB=+bzyhpj8KzHwoqbXX/TKd3baLjDA5kPzQijApEXeT9DtVHs895bmKi3N7Jj0dL9gc1up8LFCFa0tbGpYaPI7xvjlQe9/tZFTnE3nzAIRKDYqw7n+trcRZSjZHtJc; Expires=Tue, 13 Oct 2020 21:11:15 GMT; Path=/ AWSALBCORS=+bzyhpj8KzHwoqbXX/TKd3baLjDA5kPzQijApEXeT9DtVHs895bmKi3N7Jj0dL9gc1up8LFCFa0tbGpYaPI7xvjlQe9/tZFTnE3nzAIRKDYqw7n+trcRZSjZHtJc; Expires=Tue, 13 Oct 2020 21:11:15 GMT; Path=/; SameSite=None; Secure
server: nginx
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip

Redirect headers

Date: Tue, 06 Oct 2020 21:11:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Set-Cookie: AWSALBTG=bykzIxfiJ9AJxAiJ4fue/Vyj09dyfMdgtTfxIT3mLQkXrHdae4UjTaFPInLsI08unxRkCTG2XQEZf8aORmhsbjW4CWpbd5/duyz9oziK03JV8/SGsLDBNAmcPt4IxkqjFos7JV6mFmib2r3Oq2M3+H/aOMG0K27yjryXmTuq7PSU0G8PpexOz071SJ0K0WxoP3cOgYeongrBMBSX4ocZi2W47H06QMaLuIHRlyqgp5AXNZ58lMNeJwiZcuR5XhLheL6ob5ZKwySH5w==; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/ AWSALBTGCORS=bykzIxfiJ9AJxAiJ4fue/Vyj09dyfMdgtTfxIT3mLQkXrHdae4UjTaFPInLsI08unxRkCTG2XQEZf8aORmhsbjW4CWpbd5/duyz9oziK03JV8/SGsLDBNAmcPt4IxkqjFos7JV6mFmib2r3Oq2M3+H/aOMG0K27yjryXmTuq7PSU0G8PpexOz071SJ0K0WxoP3cOgYeongrBMBSX4ocZi2W47H06QMaLuIHRlyqgp5AXNZ58lMNeJwiZcuR5XhLheL6ob5ZKwySH5w==; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/; SameSite=None AWSALB=jhq3LFnkQhL2bcah0S/UDhOtwUrLSyPyCtwTeuvmXvi7vUAHrsUkGzUsA8GhSu1iCSO5mQExrHP5JUFfE6pY4fGK9wcGSxk5Rp+6667YTnX9KGRCSdJ/gmPS4XSbYZaVSeIIvIrgtEN5BmQloM/GSgh/sHOdQztrMFhnvL0gO6VAG93THRRPiCzUv18t4w==; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/ AWSALBCORS=jhq3LFnkQhL2bcah0S/UDhOtwUrLSyPyCtwTeuvmXvi7vUAHrsUkGzUsA8GhSu1iCSO5mQExrHP5JUFfE6pY4fGK9wcGSxk5Rp+6667YTnX9KGRCSdJ/gmPS4XSbYZaVSeIIvIrgtEN5BmQloM/GSgh/sHOdQztrMFhnvL0gO6VAG93THRRPiCzUv18t4w==; Expires=Tue, 13 Oct 2020 21:11:14 GMT; Path=/; SameSite=None
Server: nginx
Location: https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2

GET
H2

200

Primary Request / Show response
theadcode.co/
Redirect Chain

https://trk.tct4.co/aff_c?offer_id=26&aff_id=1067&aff_sub2=1382421106cdd729c3be1602018674&aff_sub=1737_
https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

22 KB
6 KB

166ms
137ms

Document
text/html

2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Requested by: Host: mediadifferenz.com
URL: https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f54343405017a9511bffa5fc974661f30ed4eb133b49af6ceaf134b0f89fe27

Request headers

:method: GET
:authority: theadcode.co
:scheme: https
:path: /?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mediadifferenz.com/hrfp?url=https%3A%2F%2Ftrk.tct4.co%2Faff_c%3Foffer_id%3D26%26aff_id%3D1067%26aff_sub2%3D1382421106cdd729c3be1602018674%26aff_sub%3D1737_&prot=2

Response headers

status: 200
date: Tue, 06 Oct 2020 21:11:15 GMT
content-type: text/html
set-cookie: __cfduid=d3d64f689ed167a73d8a1efd688113bcf1602018675; expires=Thu, 05-Nov-20 21:11:15 GMT; path=/; domain=.theadcode.co; HttpOnly; SameSite=Lax; Secure
last-modified: Tue, 06 Aug 2019 14:25:49 GMT
cf-cache-status: DYNAMIC
cf-request-id: 05a15a2234000064a933093200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5de25fb05ae564a9-FRA
content-encoding: br

Redirect headers

status: 302
date: Tue, 06 Oct 2020 21:11:15 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d4badd11788c31de34a1c64f4a3504c021602018675; expires=Thu, 05-Nov-20 21:11:15 GMT; path=/; domain=.tct4.co; HttpOnly; SameSite=Lax enc_aff_session_26=ENC03b583350d0d9d7669cf9f3f19cbebf73c0fac3cde6abaf30c04014e8542cb84d1d2aac0b1169ddc04e64df00b496dd12ab238368e7d742fbd9e23dda532283b743f306a66f0193bbcc8a2544f8c6a752d57e928aa42643a820f911a0c98df3ed3fa9e410c1be169f5581637cdafc0803cbba2e5557348841e7a5387992b6c310876a7f05a8b52acbf416a9354831eba79dc4ce8b3fec5a81d805a9db3d13a596967250556ef7b5e672fc3d27631aca1c69861edd78cc99474483ae1126764c71678e4bf7cdd3e977f0da2d0451518cf51beaac4fa1147b4cba26bcb35dca8eb90238755e9b5f07e7f5d9e8041ce9bf2b3b0d0992a38f96e0638f1ad8c9a39171dbffb26a09da4b3c50bd00ca9374f32883187f366567eb56c111aadefe0ae299d0cb0e906; expires=Wed, 06 Jan 2021 21:11:15 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Fri, 01 Sep 2023 07:51:15 GMT; path=/; SameSite=None; Secure
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-robots-tag: noindex, nofollow
tracking_id: 102f19556d2f965cd04607cbccbdc7
location: https://theadcode.co?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
p3p: CP="NOI CUR OUR NOR INT"
access-control-allow-origin: *
x-request-id: 9a0586250c644a9664db5508767e0bb3
access-control-allow-headers: Tune-SDK-Version
cf-cache-status: DYNAMIC
cf-request-id: 05a15a21b80000324cce316200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5de25faf8c06324c-FRA

GET
H2 200 css
fonts.googleapis.com/ 4 KB
710 B 25ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i&display=swap

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5ffb125b17527738578d2c2be22ddb175bf48d2f749b3153003c2f54361197a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 21:11:15 GMT
server: ESF
date: Tue, 06 Oct 2020 21:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 21:11:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
950 B 24ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57658a40c785532b1987827c2880348af8efaf46e14874de2347c7cb024810d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 21:03:03 GMT
server: ESF
date: Tue, 06 Oct 2020 21:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 21:11:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 871 B
461 B 25ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alex+Brush&display=swap

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

956685caf941bbf24e4d3f87cef98cd3fb5a2dd5b59182d6a4977894e72d4c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 21:11:15 GMT
server: ESF
date: Tue, 06 Oct 2020 21:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 21:11:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
647 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 19:51:49 GMT
server: ESF
date: Tue, 06 Oct 2020 21:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 21:11:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
663 B 31ms
24ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2d74431681112605c644ca8071d0edc4520ace7dd8ec3dfa6fbf363d8944616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 19:16:39 GMT
server: ESF
date: Tue, 06 Oct 2020 21:11:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Oct 2020 21:11:15 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 13457ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://theadcode.co
Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 22ms
15ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1720688
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 05a15a22eb00002c426c814200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de25fb17bc02c42-FRA
expires: Sun, 26 Sep 2021 21:11:15 GMT

GET
H2 200 main6a92.css
theadcode.co/assets/css/ 7 KB
2 KB 148ms
141ms Stylesheet
text/css 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theadcode.co/assets/css/main6a92.css?s=1561281225
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb2015db7898edc5111d6f4be7521d6eacdbc2019d972782825dc1d79d48f6f

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 23 Jun 2019 12:13:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: text/css
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5de25fb17b4a64a9-FRA
cf-request-id: 05a15a22eb000064a93309a200000001

GET
H2 200 intlTelInput.css
tct1.co/build/css/ 24 KB
3 KB 210ms
182ms Stylesheet
text/css 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tct1.co/build/css/intlTelInput.css
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c330ac5fd9ffac6a9cc6575ecc11d697a30e170e9d7d0e85e13964758d2692a4

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05a15a230000009acee98a6200000001
last-modified: Mon, 04 Mar 2019 01:06:52 GMT
server: cloudflare
etag: W/"5efb-5833a5f31e300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 5de25fb19ae39ace-FRA
expires: Tue, 06 Oct 2020 21:21:15 GMT

GET
H2 200 star-icon.png
theadcode.co/img/ 4 KB
4 KB 140ms
135ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/img/star-icon.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef2e38837ab83c2ff15526f06a6a0f8698b5dca0d2eef1ef166909dd45bca983

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2019 22:18:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b4c64a9-FRA
content-length: 3869
cf-request-id: 05a15a22ec000064a93309c200000001

GET
H2 200 money-icon.png
theadcode.co/img/ 3 KB
3 KB 142ms
138ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/img/money-icon.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e99b8d2154f9696f4748a4cf754930e0198b4b55db1dfc500b1a7d392e5091c

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2019 22:18:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b4d64a9-FRA
content-length: 3259
cf-request-id: 05a15a22ed000064a93309d200000001

GET
H2 200 bitcoinicon-1.png
theadcode.co/img/ 12 KB
12 KB 167ms
163ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/img/bitcoinicon-1.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2a42e32a01b4284ebd6dd394f485940ae401b21ba9f7499f2beb8aa465e7ff

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2019 22:18:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b4e64a9-FRA
content-length: 11960
cf-request-id: 05a15a22ed000064a93309e200000001

GET
H2 200 logo.png
theadcode.co/assets/img/ 13 KB
13 KB 148ms
144ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/logo.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1620b43bcabe34afb7a4e1a8a6e35ca091065730a1d6b0251e380610767a2155

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jun 2019 16:45:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b4f64a9-FRA
content-length: 13177
cf-request-id: 05a15a22ed000064a93309f200000001

GET
H2 200 header2.png
theadcode.co/assets/img/ 27 KB
28 KB 774ms
770ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/header2.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7368ac18514ae6b98aaeb6000962caa8feff0a95c8ca6a3d19d271e21a5b941

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:16 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 16:45:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b5064a9-FRA
content-length: 28124
cf-request-id: 05a15a22ed000064a9330a0200000001

GET
H2 200 Screen-Shot-2018-09-24-at-17.23.01-_1_.png
theadcode.co/assets/img/ 19 KB
19 KB 190ms
187ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/Screen-Shot-2018-09-24-at-17.23.01-_1_.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f8bbe57bb0778a1a3a509e111da7d23d3d0ff0eafad97dfb3bd2b0fed88060

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 16:45:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b5164a9-FRA
content-length: 19308
cf-request-id: 05a15a22ed000064a9330a1200000001

GET
H2 200 about-me-new.png
theadcode.co/assets/img/ 523 KB
524 KB 270ms
267ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/about-me-new.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c67b9e9d587e2d849760683a0b45e264173f28e16a00cfceb76e223cfee5d54

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2019 11:51:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b5364a9-FRA
content-length: 535777
cf-request-id: 05a15a22ed000064a9330a2200000001

GET
H2 200 bank.png
theadcode.co/assets/img/ 293 KB
294 KB 236ms
233ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/bank.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 938887c1b8b1e52692c4285dd1bad39a335b789e4c58b7c3a47bcad4bc11df06

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 16:45:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b5464a9-FRA
content-length: 300414
cf-request-id: 05a15a22ed000064a9330a3200000001

GET
H2 200 icon-image.png
theadcode.co/assets/img/ 2 KB
2 KB 153ms
151ms Image
image/png 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theadcode.co/assets/img/icon-image.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cde01d1ebf46dc7a083a716c8faad47bc0f46610392decaf3e2f22198422bfe

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Jun 2019 16:45:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: image/png
status: 200
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 5de25fb17b5664a9-FRA
content-length: 2135
cf-request-id: 05a15a22ed000064a9330a4200000001

GET
H2 200 email-decode.min.js Show response
theadcode.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
872 B 15ms
9ms Script
application/javascript 2606:4700:3030::ac43:bb9b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theadcode.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:bb9b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: gzip
vary: Accept-Encoding
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05a15a22ec000064a93309b200000001
last-modified: Thu, 01 Oct 2020 22:18:09 GMT
server: cloudflare
etag: W/"5f7655a1-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5de25fb17b4b64a9-FRA
expires: Thu, 08 Oct 2020 21:11:15 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 19:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92987
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 19:21:28 GMT

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 17ms
11ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 515607
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1399
cf-request-id: 05a15a22ed00002c426c815200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de25fb17bc52c42-FRA
expires: Sun, 26 Sep 2021 21:11:15 GMT

GET
H2 200 intlTelInput.js Show response
tct1.co/build/js/ 82 KB
19 KB 266ms
241ms Script
application/javascript 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tct1.co/build/js/intlTelInput.js
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34424c9b0440bbf8bb3dc22b55db7b039cfc460654fe88dead9411e6502d811d

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05a15a230000009acee98a8200000001
last-modified: Thu, 07 Mar 2019 14:43:21 GMT
server: cloudflare
etag: W/"146e2-5838220b1da98-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5de25fb19ae69ace-FRA
expires: Tue, 06 Oct 2020 21:21:15 GMT

GET
H2 200 lib.js Show response
tct1.co/js/ 15 KB
5 KB 212ms
186ms Script
application/javascript 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tct1.co/js/lib.js
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136c0f1f30fe9f473947357ac91bf9f5b5ca05fbe5a1dc16e12f1ee910d14d35

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
cf-request-id: 05a15a230000009acee98a7200000001
last-modified: Wed, 22 Apr 2020 10:31:02 GMT
server: cloudflare
etag: W/"3cb8-5a3dea0f5e117-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018676"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5de25fb19ae59ace-FRA
expires: Tue, 06 Oct 2020 21:21:15 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 18ms
13ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 520120
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1541
cf-request-id: 05a15a22ed00002c426c816200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
etag: "5eb03ec2-c81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018675"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de25fb17bc62c42-FRA
expires: Sun, 26 Sep 2021 21:11:15 GMT

GET
H2 200 cookieconsent.min.css
wpcc.io/lib/1.0.2/ 4 KB
2 KB 283ms
90ms Stylesheet
text/css 68.183.157.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wpcc.io/lib/1.0.2/cookieconsent.min.css

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

server1.wpcc.io

Software

nginx /

Resource Hash

119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Apr 2019 15:44:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ca777dd-fbe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
expires: Thu, 05 Nov 2020 21:11:15 GMT

GET
H2 200 cookieconsent.min.js Show response
wpcc.io/lib/1.0.2/ 9 KB
4 KB 284ms
91ms Script
application/javascript 68.183.157.211
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://wpcc.io/lib/1.0.2/cookieconsent.min.js

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

68.183.157.211 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

server1.wpcc.io

Software

nginx /

Resource Hash

6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Aug 2020 00:22:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5f29fba9-226a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
expires: Thu, 05 Nov 2020 21:11:15 GMT

GET
H/1.1 200
OK 352263888
player.vimeo.com/video/ Frame 494B 0
0 194ms
135ms Document
text/html 151.101.112.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/352263888?autoplay=1&title=0&byline=0&portrait=0

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: player.vimeo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Response headers

Connection: keep-alive
Content-Length: 4580
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Tue, 06 Oct 2020 21:13:43 GMT
Via: 1.1 varnish 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-a-9
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Tue, 06 Oct 2020 21:11:15 GMT
Age: 0
X-Served-By: cache-hhn4033-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1602018676.504217,VS0,VE107
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theadcode.co
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,400i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 10155
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theadcode.co
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 05 Oct 2020 11:04:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 122829
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 05 Oct 2021 11:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theadcode.co
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 14:47:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 23012
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 14:47:52 GMT

GET
H2 200 SZc83FzrJKuqFbwMKk6EhUXz7RlNiCY.woff2
fonts.gstatic.com/s/alexbrush/v12/ 17 KB
17 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alexbrush/v12/SZc83FzrJKuqFbwMKk6EhUXz7RlNiCY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alex+Brush&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca09184dff32861df38461cd70f607fb014e15e24aaef700ce5796b3e3c885d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theadcode.co
Referer: https://fonts.googleapis.com/css?family=Alex+Brush&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 04:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 03:49:12 GMT
server: sffe
age: 579491
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17516
x-xss-protection: 0
expires: Thu, 30 Sep 2021 04:13:13 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 12ms
12ms Font
application/octet-stream 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://theadcode.co
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2328479
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 05a15a474000002c32f0a12200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018685"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5de25feb99d12c32-FRA
expires: Sun, 26 Sep 2021 21:11:24 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://theadcode.co
Referer: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 10088
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tct1.co
URL: https://tct1.co/js/lib.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: Gr8XRbOVwwzqWtplPP/wwCGvuSZqedoI626EgD2WZ5eXVVWLIympued1oTRTiMW9TTXbhYYdxWQikHdcjugBXg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 06 Oct 2020 21:11:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 query.php Show response
tct1.co/api/ 94 B
643 B 196ms
179ms XHR
text/html 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tct1.co/api/query.php?id=ymjslzd61r1lfqke2dmh8gl8
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.3
Resource Hash: 423e3ce94df2271137c1a8d639d281561c35aba50c6c6c9896a83c91ad458351

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018689"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 5de26005db390eb3-FRA
cf-request-id: 05a15a57a600000eb3199b4200000001
expires: Tue, 06 Oct 2020 21:21:29 GMT

GET
H2 200 169392653661216 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169392653661216?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c1f49ece0f846e63aeda74d38586cb61c65f2556b01900934b1392ebbda7d7c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70270
x-xss-protection: 0
pragma: public
x-fb-debug: 1DKfi4Y73QdA9IgpU7uHZloSYYcsQn2FzS8O/3gflNM82BSrofjUB/MFbFoa+EELmAzT7wgdF88iDofQCkW5uA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 06 Oct 2020 21:11:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
262 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169392653661216&ev=PageView&dl=https%3A%2F%2Ftheadcode.co%2F%3Fclick_id%3D102f19556d2f965cd04607cbccbdc7%26pub%3D1067%26oid%3D26%26a2%3D1382421106cdd729c3be1602018674%26pid%3D%26advertiser_id%3D500&rl=https%3A%2F%2Fmediadifferenz.com%2Fhrfp%3Furl%3Dhttps%253A%252F%252Ftrk.tct4.co%252Faff_c%253Foffer_id%253D26%2526aff_id%253D1067%2526aff_sub2%253D1382421106cdd729c3be1602018674%2526aff_sub%253D1737_%26prot%3D2&if=false&ts=1602018688994&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602018688994.554982424&it=1602018688962&coo=false&rqm=GET

Requested by

Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 06 Oct 2020 21:11:29 GMT

GET
H2 200 utils.js Show response
tct1.co/js/ 229 KB
50 KB 31ms
31ms Script
application/javascript 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tct1.co/js/utils.js?1537727621611
Requested by: Host: tct1.co
URL: https://tct1.co/build/js/intlTelInput.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
status: 200
cf-request-id: 05a15a586200009acee9ac4200000001
last-modified: Mon, 04 Mar 2019 01:06:52 GMT
server: cloudflare
etag: W/"3935b-5833a5f31e300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018689"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5de260070fe69ace-FRA
expires: Tue, 06 Oct 2020 21:21:20 GMT

GET
H2 200 flags.png
tct1.co/build/img/ 69 KB
70 KB 12ms
12ms Image
image/png 2606:4700:3036::681f:4c4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tct1.co/build/img/flags.png
Requested by: Host: theadcode.co
URL: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4c4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Referer: https://theadcode.co/?click_id=102f19556d2f965cd04607cbccbdc7&pub=1067&oid=26&a2=1382421106cdd729c3be1602018674&pid=&advertiser_id=500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 21:11:29 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9
status: 200
content-length: 70857
cf-request-id: 05a15a586400009acee9ac5200000001
last-modified: Mon, 04 Mar 2019 01:06:52 GMT
server: cloudflare
etag: "114c9-5833a5f31e300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602018689"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5de260070fe79ace-FRA
expires: Tue, 06 Oct 2020 21:21:20 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theadcode.co/	1970-01-19 15:09:54	Name: _fbp Value: fb.1.1602018688994.554982424

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
mediadifferenz.com
player.vimeo.com
redirected.ooguy.com
stackpath.bootstrapcdn.com
tct1.co
theadcode.co
trk.tct4.co
wpcc.io
www.facebook.com
www.stayonlinkfor.com
103.9.77.109
151.101.112.217
2001:4de0:ac19::1:b:2b
2606:4700:3030::ac43:bb9b
2606:4700:3034::681f:41d1
2606:4700:3036::681f:4c4a
2606:4700::6811:4f6b
2a00:1450:4001:808::2003
2a00:1450:4001:818::200a
2a00:1450:4001:81c::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.212.216.198
52.196.63.76
68.183.157.211
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0cde01d1ebf46dc7a083a716c8faad47bc0f46610392decaf3e2f22198422bfe
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119351ced3134718cb42591e513ff063cf04af7c2734b137c666ee62e137e15d
136c0f1f30fe9f473947357ac91bf9f5b5ca05fbe5a1dc16e12f1ee910d14d35
1620b43bcabe34afb7a4e1a8a6e35ca091065730a1d6b0251e380610767a2155
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e99b8d2154f9696f4748a4cf754930e0198b4b55db1dfc500b1a7d392e5091c
34424c9b0440bbf8bb3dc22b55db7b039cfc460654fe88dead9411e6502d811d
35f8bbe57bb0778a1a3a509e111da7d23d3d0ff0eafad97dfb3bd2b0fed88060
423e3ce94df2271137c1a8d639d281561c35aba50c6c6c9896a83c91ad458351
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57658a40c785532b1987827c2880348af8efaf46e14874de2347c7cb024810d6
5cc74fa40c6f09b2c4ad5cda37e8f68f9840020204c7e03a0fe277509c8fc0fa
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ec3c89f6779b19c9648037856c58ecb5387ee7c26fbecda88cb5a6c225b400
8c1f49ece0f846e63aeda74d38586cb61c65f2556b01900934b1392ebbda7d7c
8c67b9e9d587e2d849760683a0b45e264173f28e16a00cfceb76e223cfee5d54
8f54343405017a9511bffa5fc974661f30ed4eb133b49af6ceaf134b0f89fe27
938887c1b8b1e52692c4285dd1bad39a335b789e4c58b7c3a47bcad4bc11df06
956685caf941bbf24e4d3f87cef98cd3fb5a2dd5b59182d6a4977894e72d4c06
a5ffb125b17527738578d2c2be22ddb175bf48d2f749b3153003c2f54361197a
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
b2d74431681112605c644ca8071d0edc4520ace7dd8ec3dfa6fbf363d8944616
c330ac5fd9ffac6a9cc6575ecc11d697a30e170e9d7d0e85e13964758d2692a4
ca09184dff32861df38461cd70f607fb014e15e24aaef700ce5796b3e3c885d7
cd2a42e32a01b4284ebd6dd394f485940ae401b21ba9f7499f2beb8aa465e7ff
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e7368ac18514ae6b98aaeb6000962caa8feff0a95c8ca6a3d19d271e21a5b941
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ef2e38837ab83c2ff15526f06a6a0f8698b5dca0d2eef1ef166909dd45bca983
ffb2015db7898edc5111d6f4be7521d6eacdbc2019d972782825dc1d79d48f6f

theadcode.co Open in urlscan Pro 2606:4700:3030::ac43:bb9b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

67 %IPv6

14 Domains

15 Subdomains

12 IPs

6 Countries

1359 kBTransfer

2123 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theadcode.co Open in urlscan Pro
2606:4700:3030::ac43:bb9b Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

12
IPs

6
Countries

1359 kB
Transfer

2123 kB
Size

1
Cookies

42 HTTP transactions
0 data transactions