www.thedad.com Open in urlscan Pro
141.193.213.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thedad.com/virtual-nfl-fans/&ircip
Submission: On October 29 via manual (October 29th 2021, 6:57:37 pm UTC) from US — Scanned from DE

Summary HTTP 97 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 20 domains to perform 97 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.thedad.com.
TLS certificate: Issued by R3 on October 2nd 2021. Valid for: 3 months.

This is the only time www.thedad.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	141.193.213.20 141.193.213.20	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
5	152.199.23.151 152.199.23.151	15133 (EDGECAST) (EDGECAST)
2	99.84.156.122 99.84.156.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e8:e600:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.84.156.82 99.84.156.82	16509 (AMAZON-02) (AMAZON-02)
6	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	18.203.216.40 18.203.216.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	54.220.1.87 54.220.1.87	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	52.217.76.60 52.217.76.60	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
97	30

30 141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.thedad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.199.23.151 (United States)

ASN15133 (EDGECAST, US)

widget.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.156.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-122.txl52.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:e600:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.82 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-82.txl52.r.cloudfront.net

dolores.somespider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.216.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-216-40.eu-west-1.compute.amazonaws.com

s.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.1.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-1-87.eu-west-1.compute.amazonaws.com

t.beop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.76.60 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	thedad.com www.thedad.com	791 KB
13	googlesyndication.com 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	136 KB
9	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	181 KB
8	beop.io widget.beop.io s.beop.io t.beop.io	45 KB
7	skimresources.com s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com	20 KB
6	studiostack.com sr.studiostack.com	26 KB
4	google.com 1 redirects www.google.com adservice.google.com	1 KB
3	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	2 KB
2	google.de www.google.de adservice.google.de	1 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	google-analytics.com www.google-analytics.com	20 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	htlbid.com htlbid.com	99 KB
2	googletagmanager.com www.googletagmanager.com	83 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com	448 B
1	googleadservices.com www.googleadservices.com	15 KB
1	somespider.com dolores.somespider.com	6 KB
1	jwplayer.com cdn.jwplayer.com	41 KB
0	quantserve.com Failed secure.quantserve.com Failed
97	20

	Domain	Requested by
30	www.thedad.com	www.thedad.com
10	tpc.googlesyndication.com	www.thedad.com 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com tpc.googlesyndication.com
6	sr.studiostack.com	www.thedad.com sr.studiostack.com
5	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net www.thedad.com
5	widget.beop.io	www.thedad.com widget.beop.io
3	www.google.com	1 redirects www.thedad.com 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
3	t.skimresources.com	www.thedad.com s.skimresources.com
3	googleads.g.doubleclick.net	www.googleadservices.com 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
2	6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	p.skimresources.com	www.thedad.com
2	s.beop.io	widget.beop.io
2	widgets.outbrain.com	www.thedad.com widgets.outbrain.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	htlbid.com	www.thedad.com
2	www.googletagmanager.com	www.thedad.com
1	pagead2.googlesyndication.com	www.googletagservices.com
1	www.googletagservices.com	6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
1	ams-pageview-public.s3.amazonaws.com	www.thedad.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.thedad.com
1	r.skimresources.com	s.skimresources.com
1	t.beop.io	widget.beop.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	s.skimresources.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	log.outbrainimg.com	www.thedad.com
1	widget-pixels.outbrain.com	www.thedad.com
1	pixel.wp.com	www.thedad.com
1	tcheck.outbrainimg.com	www.thedad.com
1	stats.wp.com	www.thedad.com
1	dolores.somespider.com	www.thedad.com
1	cdn.jwplayer.com	www.thedad.com
0	secure.quantserve.com Failed	www.googletagmanager.com
97	34

This site contains links to these domains. Also see Links.

Domain
shop.thedad.com
www.bdg.com
jobs.lever.co
facebook.com
instagram.com
twitter.com
youtube.com
linkedin.com
tiktok.com
www.twitch.tv
www.bustle.com

Subject Issuer	Validity	Valid
www.thedad.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.beop.io Gandi Standard SSL CA 2	`2021-02-15` - `2022-03-13`	a year	crt.sh
htlbid.com Amazon	`2020-12-21` - `2022-01-19`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
somespider.com Amazon	`2021-04-21` - `2022-05-20`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2020-11-06` - `2021-12-08`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.thedad.com/virtual-nfl-fans/&ircip
Frame ID: E06BF38AB76692BE1F8064DDE2392E80
Requests: 74 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 9B4DA93049BC59EF8392FCC441900BD3
Requests: 2 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.37886734545327383
Frame ID: FF93A4749D04F34D960CB34EFEEA9CC2
Requests: 1 HTTP requests in this frame

Frame: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B385B3430593342F86CB762F7F814359
Requests: 1 HTTP requests in this frame

Frame: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E8AEBAD0E77090708060B8CF32C4E2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html
Frame ID: 1FBC6E2E903FC3B38B71EA01640F2599
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41F08574C4941C771ADB7E38B5F68BD1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | The DadThe Dad_ Logo

Page Statistics

97
Requests

99 %
HTTPS

38 %
IPv6

20
Domains

34
Subdomains

30
IPs

6
Countries

1537 kB
Transfer

3731 kB
Size

9
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.thedad.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.bdg.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.bdg.com/advertise
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://jobs.lever.co/BDG
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.bdg.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://facebook.com/thedadonline

Search URL Search Domain Scan URL

URL: https://instagram.com/thedad

Search URL Search Domain Scan URL

URL: https://twitter.com/thedad

Search URL Search Domain Scan URL

URL: https://youtube.com/thedadTV

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/thedad/

Search URL Search Domain Scan URL

URL: https://tiktok.com/@thedad

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/thedadgaming

Search URL Search Domain Scan URL

URL: https://www.bustle.com/info/tos
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.bustle.com/info/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

97 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request &ircip Show response
www.thedad.com/virtual-nfl-fans/ 110 KB
32 KB 1307ms
1215ms Document
text/html 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: ec0b1129ac29c028776a8242223c8d6134b9921a56b04d7a1844b1ab299f48e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.thedad.com/wp-json/>; rel="https://api.w.org/"
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a5ea1415b7f54c3-MAN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 64ms
26ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49747211-9

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d46d3406920605eb8c3d628385aa04e8c739d098ff568846ffd360411cb792f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35719
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 18:57:31 GMT

GET
H2 200 sdk.js Show response
widget.beop.io/ 4 KB
3 KB 192ms
35ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/sdk.js

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lha/8CA1) /

Resource Hash

e23f623844489df2711fb1349c954262f69ceaa67c161a43c033ada24db2e7cf

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com;frame-ancestors .beop.io *.beopinion.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "111b-vsfsDg1XnAnAj9lO2BfFVZguCus+gzip"
age: 20
x-cache: HIT
content-length: 2297
x-ocdn-accept-language: de
last-modified: Fri, 29 Oct 2021 18:57:11 GMT
server: ECAcc (lha/8CA1)
date: Fri, 29 Oct 2021 18:57:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
expires: Fri, 29 Oct 2021 19:02:31 GMT

GET
H2 200 slick.css
www.thedad.com/vendor/slick-slider/ 2 KB
670 B 53ms
51ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/slick-slider/slick.css?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 1886172
etag: W/"60914a61-6f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1491d9b54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 select2.min.css
www.thedad.com/vendor/select2/ 15 KB
2 KB 56ms
53ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/select2/select2.min.css?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 18:50:10 GMT
server: cloudflare
age: 1886172
etag: W/"60d38262-3a76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1491d9e54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
www.thedad.com/wp-content/themes/dad/ 244 KB
34 KB 129ms
126ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f77e2cec8ef9fee01753bc55c4fdf5e32aafadeda49a9649029e2d789602d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 13:58:41 GMT
server: cloudflare
age: 2519626
etag: W/"6155c291-3ce8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da254c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 htlbid.css
htlbid.com/v3/thedad.com/ 2 KB
585 B 514ms
437ms Stylesheet
text/css 99.84.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thedad.com/htlbid.css?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-122.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b0b3c1bcf2da13bbec6ab508758bd3ba57e33b17ff310ef2c7fa79002d8f4c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:32 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 14:50:09 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: W/"f456f5f48ef33b2de4a2a3d535a4f6fd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 78aa4ecfac2dbbed080d75d85f660486.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-id: D9qi9RYd_7MWJMxvk-jkGLIlnu5ShCDxC0PbgngHlYJVqJXoiIMajw==

GET
H2 200 jetpack.css
www.thedad.com/wp-content/plugins/jetpack/css/ 72 KB
14 KB 128ms
126ms Stylesheet
text/css 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.8.1
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63e79b5a97bf477e7d6ad34b4f8be2e4e8c7f3162f7d58b156ff0557f65c312

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Jun 2021 15:16:34 GMT
server: cloudflare
age: 9958879
etag: W/"60db3952-11f12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da354c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.thedad.com/vendor/jquery/dist/ 87 KB
31 KB 127ms
124ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/jquery/dist/jquery.min.js?ver=3.5.1
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14097268
etag: W/"60914a61-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da454c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.thedad.com/vendor/jquery-migrate/dist/ 11 KB
4 KB 127ms
125ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/jquery-migrate/dist/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 8734529
etag: W/"60914a61-2c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da654c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 zkziRv6m.js Show response
cdn.jwplayer.com/libraries/ 127 KB
41 KB 231ms
168ms Script
text/javascript 2600:9000:20e8:e600:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/zkziRv6m.js?ver=8.20.5
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 6216ae74b9a30982da9a97a9fccc395f4a05c33738feb9e1077181c46522b841

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 41231
via: 1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
x-amz-cf-id: oucfCXE6AabKfMH9tHQKZHJQ0KPtJQrum3THcsCra5Mp7jsdyLVGvg==
expires: Fri, 29 Oct 2021 19:00:01 GMT

GET
H2 200 slick.min.js Show response
www.thedad.com/vendor/slick-slider/ 42 KB
11 KB 126ms
124ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/slick-slider/slick.min.js?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 1886172
etag: W/"60914a61-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da754c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 add2any.min.js Show response
www.thedad.com/vendor/add2any/ 82 KB
28 KB 52ms
50ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/add2any/add2any.min.js?ver=1.0.0
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 9963312
etag: W/"60914a61-146c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da854c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 let.js Show response
www.thedad.com/vendor/let-tool/ 2 KB
934 B 125ms
123ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/let-tool/let.js?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2126112e0c76940bd4bd3b0325c564d4e0825187ee13639d5c83cca641c422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 May 2021 14:24:09 GMT
server: cloudflare
age: 1886172
etag: W/"609be509-94c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492da954c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 outbrain.js Show response
www.thedad.com/vendor/outbrain/ 179 KB
59 KB 55ms
53ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/outbrain/outbrain.js?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17383491379432feee5f7b2701f58f55c09ae94129d08e3fa35dd5a0449352c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 May 2021 14:24:09 GMT
server: cloudflare
age: 1886172
etag: W/"609be509-2cd17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492daa54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 select2.full.min.js Show response
www.thedad.com/vendor/select2/ 77 KB
22 KB 125ms
123ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/vendor/select2/select2.full.min.js?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 18:50:10 GMT
server: cloudflare
age: 1886172
etag: W/"60d38262-1356c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492dac54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 javascript Show response
dolores.somespider.com/email_form/client/ 4 KB
6 KB 444ms
384ms Script
text/html 99.84.156.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dolores.somespider.com/email_form/client/javascript?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-82.txl52.r.cloudfront.net
Software: /
Resource Hash: 63f27e7a9c88f2dfdb02d985ad41135649f829021d11d215cbb1eacd251f6c6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amzn-requestid: 90782e0b-b782-47b8-92e6-d0518bc59867
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
x-amzn-trace-id: Root=1-617c441b-6c9fee8b2bee494349241d94;Sampled=0
content-length: 3889
x-amz-apigw-id: H--UTEiVCYcF1bQ=
x-amzn-remapped-date: Fri, 29 Oct 2021 18:57:31 GMT
x-amz-cf-id: 47geQ66T8CGelBZ6Mf50NCMKcZRltMdZIgSHe9q2UT1yWPQQ-ZWinw==

GET
H2 200 main.min.js Show response
www.thedad.com/wp-content/themes/dad/assets/js/dist/ 241 KB
66 KB 126ms
124ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/js/dist/main.min.js?ver=6a28ede291592a653496
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56df37eb6a6322991a316e7c98f9e659572e26da0a4b46b3d0505c22fe0882bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Jun 2021 18:50:10 GMT
server: cloudflare
age: 2159446
etag: W/"60d38262-3c3ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492dae54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 htlbid.js Show response
htlbid.com/v3/thedad.com/ 372 KB
99 KB 535ms
460ms Script
application/javascript 99.84.156.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/thedad.com/htlbid.js?ver=1.4
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.156.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-156-122.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06eb4e46f8b7bbd4759ca75fa0a94a472e686bbef309ad91800ad3ef268d1f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:32 GMT
content-encoding: br
last-modified: Thu, 30 Sep 2021 14:49:41 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: W/"b73b97c1dbc23a80b760cc604f461947"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 78aa4ecfac2dbbed080d75d85f660486.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-id: v2qn3daGsTLpCJmsv2q8plrx32Of0LkAZWhlWfAYt5oXrSHDebORtg==

GET
H2 200 index.js Show response
www.thedad.com/wp-content/plugins/some-spider-infinite-scroll/build/ 33 KB
11 KB 126ms
125ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/plugins/some-spider-infinite-scroll/build/index.js?ver=14
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d32c1196f45ce88e422e3048115623b029e88812f4cdb6c04c214be4268d391d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Oct 2021 10:40:31 GMT
server: cloudflare
age: 1325772
etag: W/"6168091f-8296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea1492daf54c3-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
47 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFLSDQ7

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab2d3dce32503cf6ba6255157f2fb39f1d97668fc76579fde6d781e219635cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48322
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 18:57:31 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 249ms
23ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 126ac8a4a5fc28798bfdd4540755fe984163f630f7d1f140a6a4a1727661993b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 18:57:31 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H3 200 404-image.png
www.thedad.com/wp-content/themes/dad/assets/images/ 382 KB
383 KB 205ms
205ms Image
image/png 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/images/404-image.png
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2421471c7202240187bc62dffdeaa577a8f2d0d5f4e632900a7e12eed780f4e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
cf-cache-status: MISS
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
etag: "60914a61-5f924"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a5ea14ccb1354e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 391460

GET
H3 200 wp-embed.min.js Show response
www.thedad.com/wp-includes/js/ 1 KB
1 KB 47ms
47ms Script
application/javascript 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/virtual-nfl-fans/&ircip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 1886172
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14c5a2354e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 e-202143.js Show response
stats.wp.com/ 9 KB
3 KB 25ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202143.js
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 16 Oct 2022 21:07:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49747211-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 3385
date: Fri, 29 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 29 Oct 2021 20:01:06 GMT

GET
H2 200 00729826d9b61b4507c1.js Show response
widget.beop.io/en/public/chunks/9.5.1/ 37 KB
11 KB 35ms
34ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.5.1/00729826d9b61b4507c1.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35FD) /

Resource Hash

9bb73cf1dbe45bf63fa90adab9999edb08438dbfca8bbc9e12ee44fefd927a27

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com;frame-ancestors .beop.io *.beopinion.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "92d8-WtM//ioMSDk58V5LB3NWuptPRqc+gzip"
age: 107145
x-cache: HIT
content-length: 11076
x-ocdn-accept-language: de
last-modified: Thu, 28 Oct 2021 13:11:46 GMT
server: ECAcc (lhd/35FD)
date: Fri, 29 Oct 2021 18:57:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 18:57:31 GMT

GET
H2 200 b854d825905407b00f3b.js Show response
widget.beop.io/en/public/chunks/9.5.1/ 16 KB
5 KB 36ms
35ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.5.1/b854d825905407b00f3b.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/370C) /

Resource Hash

ee13eb9f9a441dd435f8cfc385577fd74788fd312e14fe736fe4bd606e00d54f

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com;frame-ancestors .beop.io *.beopinion.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "3f5e-FeF0EOzwFx855TYMgnHXT+hfdw0+gzip"
age: 107145
x-cache: HIT
content-length: 4761
x-ocdn-accept-language: de
last-modified: Thu, 28 Oct 2021 13:11:46 GMT
server: ECAcc (lhd/370C)
date: Fri, 29 Oct 2021 18:57:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 18:57:31 GMT

GET
H2 200 835c1bf2337b07dd8d56.js Show response
widget.beop.io/en/public/chunks/9.5.1/ 57 KB
16 KB 36ms
36ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.5.1/835c1bf2337b07dd8d56.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35FE) /

Resource Hash

21991ed5b099aaa4a244ea407d1e09ef4a9e1e28756eadc4303d0fb469811176

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com;frame-ancestors .beop.io *.beopinion.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "e5a7-yZqR+OHKUfY44UgVBjD8Or18X0M+gzip"
age: 107145
x-cache: HIT
content-length: 16083
x-ocdn-accept-language: de
last-modified: Thu, 28 Oct 2021 13:11:46 GMT
server: ECAcc (lhd/35FE)
date: Fri, 29 Oct 2021 18:57:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 18:57:31 GMT

GET
H2 200 0ccef2fa9810575f469f.js Show response
widget.beop.io/en/public/chunks/9.5.1/ 37 KB
10 KB 41ms
40ms Script
application/javascript 152.199.23.151
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.beop.io/en/public/chunks/9.5.1/0ccef2fa9810575f469f.js

Requested by

Host: widget.beop.io
URL: https://widget.beop.io/sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.151 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/370F) /

Resource Hash

f1e1ed75d698815362ad4352ab86672d14f0d5b2fc1c014242eaa111e8422e66

Security Headers

Name	Value
Content-Security-Policy	frame-src ;script-src 'unsafe-inline' .pingdom.net www.youtube.com platform.twitter.com .instagram.com .beop.io .beopinion.com js.stripe.com;frame-ancestors .beop.io *.beopinion.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-src *;script-src 'unsafe-inline' *.pingdom.net www.youtube.com platform.twitter.com *.instagram.com *.beop.io *.beopinion.com js.stripe.com;frame-ancestors *.beop.io *.beopinion.com
content-encoding: gzip
etag: "94f4-1DpLffGoqZ7QkjJTx48tZtMN+mM+gzip"
age: 107145
x-cache: HIT
content-length: 10590
x-ocdn-accept-language: de
last-modified: Thu, 28 Oct 2021 13:11:46 GMT
server: ECAcc (lhd/370F)
date: Fri, 29 Oct 2021 18:57:31 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 18:57:31 GMT

GET
H/1.1 200
OK d3d3LnRoZWRhZC5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 76ms
20ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnRoZWRhZC5jb20=
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/vendor/outbrain/outbrain.js?ver=5.7.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 18:57:31 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=30800
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 28975c89585acfdc9a57b544a624637f
Content-Length: 16
Expires: Sat, 30 Oct 2021 03:30:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 49ms
22ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/thedad.com/htlbid.js?ver=1.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

58c09e432d35d5d96d9f57546a3bdc71b4434d9da2f63b5d7def018e266c239b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1028 / 919 of 1000 / last-modified: 1635505548"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27311
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Oct 2021 18:57:31 GMT

GET
H3 200 material-navigate-arrow-down.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 318 B
539 B 44ms
43ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-navigate-arrow-down.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34bf3bf3e304a6b7f3c22701ea31909049712b0573a6665b1bf310f6dafb1b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14097810
etag: W/"60914a61-13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14ccb1c54e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-navigate-search.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 341 B
540 B 123ms
123ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-navigate-search.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2213819201ee49c1bda0528387ab5ffd5fac77891f2e7f02fc9e53dad8c0c61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 9930172
etag: W/"60914a61-155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2154e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-navigate-email-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 326 B
532 B 43ms
43ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-navigate-email-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f5b84c85b59b0c5270d3c3aa1bc5d7aeabecb8d54797ac767975a9703718ea1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14097810
etag: W/"60914a61-146"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2254e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 thedad-logo-white.png
www.thedad.com/wp-content/themes/dad/assets/images/dist/ 5 KB
6 KB 41ms
41ms Image
image/webp 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/images/dist/thedad-logo-white.png
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91d41b821d0db49a1d98faa9218e2f1b5703cf9079d2b7b22c2ceee88470685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
cf-cache-status: HIT
age: 779302
cf-polished: origFmt=png, origSize=10725
content-disposition: inline; filename="thedad-logo-white.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5274
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
etag: "60914a61-29e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a5ea14cdb2354e2-MAN
cf-bgj: imgq:100,h2pri

GET
H3 200 material-fb-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 926 B
833 B 40ms
40ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-fb-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536bf162b7c9b16eddfc1e83f00361201fa9b9c009244310c12c9c97253a047c

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 9956607
etag: W/"60914a61-39e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2454e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-ig-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 2 KB
1 KB 67ms
67ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-ig-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b839142c9cffa10815cc707d4008dc984a5abc018d887f95e9ae282d58b43cbc

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14095717
etag: W/"60914a61-9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2754e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-tw-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 1 KB
950 B 120ms
119ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-tw-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6425e60e2346734cf22eab1a4994d8b7b0309d341b6a1985c1b012f03b2ba741

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 9963310
etag: W/"60914a61-497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2854e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-yt-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 889 B
824 B 122ms
121ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-yt-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685b85335f1ded59b3a167e795639e0b81b563996358f57884ce990a8c182eff

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 9898937
etag: W/"60914a61-379"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2954e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-linked-in-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 807 B
757 B 67ms
66ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-linked-in-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5f6d98620eb5b1cefc74c851bf7c5cd3cab64a35ba830bf3d7e3f3f8b9faf4

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 4400822
etag: W/"60914a61-327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2a54e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-tiktok-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 2 KB
1 KB 122ms
121ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-tiktok-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794164b1b1885da6d6f2b894da5662db546626768daf1613ea15866a0a8076ac

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14095717
etag: W/"60914a61-7ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2d54e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 material-twitch-white.svg
www.thedad.com/wp-content/themes/dad/assets/icons/dist/ 771 B
734 B 41ms
40ms Image
image/svg+xml 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/icons/dist/material-twitch-white.svg
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea998e3376e6a6910761b354fa925e5aae8f2f8a195e09d216e2141cd8ffaf4

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14095717
etag: W/"60914a61-303"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6a5ea14cdb2e54e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 AcuminProSemiCond-Regular.woff2
www.thedad.com/wp-content/themes/dad/assets/fonts/dist/ 29 KB
29 KB 67ms
66ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/fonts/dist/AcuminProSemiCond-Regular.woff2
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7fed9c7eafa3297eb810c1b13b3c339405bf0f7e9d69cd2a3f3f59c8dcd361

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 2568444
etag: "60914a61-7408"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a5ea14cdb2f54e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29704

GET
H3 200 AcuminProSemiCond-Medium.woff2
www.thedad.com/wp-content/themes/dad/assets/fonts/dist/ 29 KB
29 KB 119ms
119ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/fonts/dist/AcuminProSemiCond-Medium.woff2
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a376c6e8db6b74fd491a0d6df5a99df091b1f56252bd6cbbe6c64d2347c8ec3a

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 2568444
etag: "60914a61-736c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a5ea14cdb3054e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29548

GET
H3 200 UnitedSerifSemiCond-Heavy.woff2
www.thedad.com/wp-content/themes/dad/assets/fonts/dist/ 20 KB
20 KB 66ms
66ms Font
font/woff2 141.193.213.20
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thedad.com/wp-content/themes/dad/assets/fonts/dist/UnitedSerifSemiCond-Heavy.woff2
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 142cfc3fae4c7208106e92b9437f15c14a6a60a20976b9d9e0072c590c37e055

Request headers

Referer: https://www.thedad.com/wp-content/themes/dad/style.css?ver=4698aa3cf9e8735530f3
Origin: https://www.thedad.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
cf-cache-status: HIT
last-modified: Tue, 04 May 2021 13:21:37 GMT
server: cloudflare
age: 14095719
etag: "60914a61-4f78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a5ea14cdb3154e2-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20344

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 8ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.8.1&blog=193525733&post=0&tz=-4&srv=www.thedad.com&host=www.thedad.com&ref=&fcp=0&rand=0.9305474405992518
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Oct 2021 18:57:31 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 9B4D 416 B
688 B 97ms
27ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/vendor/outbrain/outbrain.js?ver=5.7.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1635339902.61247"
last-modified: Wed, 27 Oct 2021 12:11:46 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Fri, 29 Oct 2021 18:57:31 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 76ms
20ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.165663539841315
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 28 Nov 2021 18:57:31 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 397ms
97ms XHR
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1635533851667&sessionId=02bc7922-71d4-ad4f-759f-c45eac57214c&url=www.thedad.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/vendor/outbrain/outbrain.js?ver=5.7.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 18:57:32 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3946328eb36ee3f5847a74c95a897cbc
Content-Length: 4
Expires: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 64ms
25ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFLSDQ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

afc9ea91964f1089ed3afcc20604ffa0107862a6d992ddc37ae0d21afa441b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14418
x-xss-protection: 0
server: cafe
etag: 2987026233222861869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Oct 2021 18:57:31 GMT

GET quant.js
secure.quantserve.com/ 0
0

GET
H2 200 132532X1615004.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 77ms
21ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/132532X1615004.skimlinks.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFLSDQ7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 087cf27d15546782b15b25970b5438d653f025cd570b0ab58f3f34594b018f5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 09:38:43 GMT
server: AmazonS3
x-amz-request-id: B9D2ZDFWQ1YZFZ2X
etag: "3b22822bf238418ce9c9ad1f1fc6818f"
x-hw: 1635533851.cds107.lo4.hn,1635533851.cds202.lo4.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18818
x-amz-id-2: g+hK17POxc01+sjmuQxSTTQ7PVZPrL1lmJIeO6mt7SUrCAAZc9ouWIinxCE9dwPdiuD1X9PfKmA=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=394558136&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20The%20Dad&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1190148160&gjid=1788067703&cid=949221810.1635533852&tid=UA-49747211-9&_gid=1929420107.1635533852&_r=1&gtm=2ouar0&z=1159589404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thedad.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 serve
s.beop.io/ Frame 0
0 118ms
34ms Preflight
application/json 18.203.216.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=008e25b2-042b-48d6-94f4-b1edecce66f4&sdk_version=9.5.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.216.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-216-40.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thedad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-type: application/json
content-length: 0
server: nginx/1.16.1
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.thedad.com
access-control-allow-credentials: true
access-control-allow-method: POST

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 serve Show response
s.beop.io/ 157 B
342 B 146ms
50ms XHR
application/json 18.203.216.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.beop.io/serve?nuid=008e25b2-042b-48d6-94f4-b1edecce66f4&sdk_version=9.5.1
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.5.1/00729826d9b61b4507c1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.216.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-216-40.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: c5f1d56605492550779727f1f3310cd9cd39a952788eb4f7e94e258436424304

Request headers

Accept: application/json
Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.thedad.com
date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.16.1
access-control-allow-method: POST
content-type: application/json

GET
H3 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 39ms
23ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Oct 2021 18:57:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 129 B
128 B 31ms
16ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thedad.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

56be772ae31b241ec9bf85167d98c86f51a6c42bf3151d4baf7eaf542f6f53cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Fri, 29 Oct 2021 18:57:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 72ms
23ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-49747211-9&cid=949221810.1635533852&jid=1190148160&gjid=1788067703&_gid=1929420107.1635533852&_u=YEBAAUAAAAAAAC~&z=2069088685

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Oct 2021 18:57:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.thedad.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 i
t.beop.io/ 0
138 B 123ms
31ms Ping
text/plain 54.220.1.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.beop.io/i?_ck=93ff191fbfd7feb6de8f3379a950aedb
Requested by: Host: widget.beop.io
URL: https://widget.beop.io/en/public/chunks/9.5.1/835c1bf2337b07dd8d56.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.1.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-1-87.eu-west-1.compute.amazonaws.com
Software: http-kit /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thedad.com
date: Fri, 29 Oct 2021 18:57:31 GMT
access-control-allow-credentials: true
server: http-kit
access-control-expose-headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/788733908/ 2 KB
2 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788733908/?random=1635533851762&cv=9&fst=1635533851762&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip&tiba=Page%20not%20found%20%7C%20The%20Dad&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

582bfff04bac1eead5f6f550dd4774a4d6fa0c54b3c92fea951cde47be959861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 9B4D 610 B
882 B 31ms
31ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1635339903.318342"
last-modified: Wed, 27 Oct 2021 12:11:46 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Fri, 29 Oct 2021 18:57:31 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame FF93 0
102 B 40ms
16ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.37886734545327383
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 55ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.57675383445011
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 54ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.57675383445011
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

POST
H2 200 / Show response
r.skimresources.com/api/ 163 B
348 B 40ms
16ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/132532X1615004.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

727b53110342e0d813285a7277ebd161988c675d6facee62de9050927a6e0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Oct 2021 18:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.thedad.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
www.google.com/pagead/1p-user-list/788733908/ 42 B
548 B 69ms
28ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/788733908/?random=1635533851762&cv=9&fst=1635530400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&frm=0&url=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip&tiba=Page%20not%20found%20%7C%20The%20Dad&async=1&fmt=3&is_vtc=1&random=1806288947&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/788733908/ 42 B
548 B 72ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/788733908/?random=1635533851762&cv=9&fst=1635530400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgar0&sendb=1&frm=0&url=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip&tiba=Page%20not%20found%20%7C%20The%20Dad&async=1&fmt=3&is_vtc=1&random=1806288947&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
365 B 18ms
18ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/132532X1615004.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.thedad.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
88 B 23ms
23ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/132532X1615004.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:31 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www.thedad.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 87ms
25ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thedad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Fri, 29 Oct 2021 18:57:31 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 362ms
362ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 18:57:31 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 138 B
625 B 521ms
456ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=250703&ref=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6e4f53880a472e4884e8f342cbb05879e0fce4504d8a3705769b0e89d158f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 18:57:31 GMT
ETag: W/"8a-Ag0Uviqmo+m1JrvGWAUFOLFtppg"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 138
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
24ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thedad.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
26ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thedad.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 18:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
32 KB 478ms
478ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1906613887463385&correlator=3926212539912167&output=ldjh&impl=fifs&eid=31063213%2C31063298%2C31063310%2C31063336%2C31063140%2C31063183%2C44748552&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211029&iu_parts=49944529%2Cthedad%2Clegacy%2CTheDad_Lead1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C728x90%7C970x90%7C970x250&didk=1622125026&eri=1&cust_params=htlbidid%3D6917%26is_testing%3Dno%26is_home%3Dno%26level%3Dlanding%26cat%3D%26parentcat%3D%26post_id%3D%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1635533852&dt=1635533852679&dlt=1635533851023&idt=795&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=125&adks=1370337799&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thedad.com%2Fvirtual-nfl-fans%2F%26ircip&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=949221810.1635533852&ga_sid=1635533853&ga_hid=394558136&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

1f89ba874a71f8f750b59463bbd7da9473f1acc0a2a360bcd1cf06a8ad447505

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPaYvbKm8PMCFSHTEQgdc0YNlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10819349632409142898/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPaYvbKm8PMCFSHTEQgdc0YNlQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/10819349632409142898/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32246
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 29 Oct 2021 18:57:33 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thedad.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B385 6 KB
4 KB 88ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 29 Oct 2021 18:57:32 GMT
expires: Sat, 29 Oct 2022 18:57:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 417ms
107ms Image
image/png 52.217.76.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=461684c8cb42
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.76.60 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 18:57:34 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: A39EJN4MP3J93Y5Q
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: +4Zr9DLtW1Y1ha19h07O29inlOM0hXDt0HXhEZsjgJWJ7qZ/+bx7KZN5sG90H/THGJGyUPzXSMs=

GET
H2 200 container.html Show response
6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E8A 6 KB
3 KB 317ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thedad.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 29 Oct 2021 18:57:32 GMT
expires: Sat, 29 Oct 2022 18:57:32 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ Frame 1FBC 1 KB
2 KB 60ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html

Requested by

Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d9d7231df5f8bc7b4215749d0f12106dd877fd3565a0bf23c67c10d949e818

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 580
date: Thu, 28 Oct 2021 01:30:12 GMT
expires: Fri, 28 Oct 2022 01:30:12 GMT
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 149241
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8E8A 0
0 50ms
50ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYXL-HER8YfaaLKGmx_AP84y1qAn9qIfjZK3U-r-YDorRo-2-ARABIPn_xCNglfrwgYwHoAH1wMrRAcgBCeACAKgDAcgDCKoE8QFP0ETM6Cr1uxIM804ubxjFSpw4CMqt8PyWo4_YXxyzBYo1I5QRs45vERQsDHlyP1UbIWsri0cM2qCrDDvq0EPGpibZS_Xtb2xxh12fuQGnWled6k_V7zdfXkKJKLYiQGqskUfGSZ9Rf2elpe6qXrTzcdt555XIl25-79eP87UcI5psMErERWUD9ndJHmAA8LH7MQzi2_jbfGX0fNRjM3GoWgHuz5Mm5Xi0SzKEOfkfMaWFL7hueSKT211xhWWO_nnUyIhgvXVIsyt5-z74ASN-dlmhJrs0_SVpkv1EjzyRd9QwQl6pKkOh-lt6IH7QgfxjwASJj_6-3APgBAGSBQQIBBgBkgUECAUYBKAGLoAH8761rgKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ758W0ggJCIDhgBAQARgdgAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTI1MzkyNjYwMDk3NjM2MTAYmcMb&sigh=LPp-VZspmqk&uach_m=[UACH]&template_id=419
Requested by: Host: www.thedad.com
URL: https://www.thedad.com/virtual-nfl-fans/&ircip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 8E8A 19 KB
8 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7760
x-xss-protection: 0
server: cafe
etag: 2659786357195577193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 18:54:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8E8A 3 KB
2 KB 57ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 18:52:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E8A 120 KB
37 KB 83ms
24ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Oct 2021 18:57:33 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8E8A 14 KB
6 KB 55ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 18:56:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8E8A 0
0 23ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUc6m7y78X4qzyQDwVrlsh7LyRLo20HA00cjusX55omdNyUrU_0Qe9csRIrFHC8hdMRwcnwdtJjV0ffjU5Ny7GJfdjSA
Requested by: Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41F0 143 B
241 B 309ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 29 Oct 2021 18:43:08 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1FBC 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Oct 2021 01:24:38 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1FBC 26 KB
10 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Oct 2021 00:06:00 GMT

GET
H2 200 ad.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ Frame 1FBC 57 KB
18 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ad.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bd9c8b17215d4810833339155d83ff90271480fca0f2ae9f87cfb50437ab39

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 32898
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18216
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Fri, 29 Oct 2021 09:49:15 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Oct 2022 09:49:15 GMT

GET
H2 200 creative-document.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ Frame 1FBC 60 KB
33 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/creative-document.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4142465b25d9b3fad457bf8f6d439e9f349d11ea295e5e863b6ea3b0b6fba2bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 460402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34008
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Sun, 24 Oct 2021 11:04:11 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Oct 2022 11:04:11 GMT

GET
H2 200 animated-creative.242432b29a36885ddd07.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ Frame 1FBC 129 KB
43 KB 14ms
14ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/animated-creative.242432b29a36885ddd07.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 153918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44372
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Thu, 28 Oct 2021 00:12:15 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 00:12:15 GMT

GET
DATA 200
OK truncated
/ Frame 8E8A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c227423a0c2db820880a41f55ffd7339274007851d8b6a06336cb9ae7aefb627

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1FBC 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 1FBC 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c2fb7308efbc82575d86510fcf8958f4715ee5798fc00c6b1fa1029d0ba8770

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 1FBC 11 KB
11 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd516ed98d3ffc2576e8a7b09a63aab5f760b4723f367d115828c8fa258fb9e3

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 1FBC 4 KB
4 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1a74c00ed9cf54fb4180a78a97b71f3de7f7884f0c51a5825e3d2dd27365c4e

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 1FBC 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887238e12d1eff42c1f6ff712ecfecd8cd028e856d9ebfbe6c4e8d04a6440cde

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 405a455d-9df0-4372-8682-d9de3236c0cc.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/ Frame 1FBC 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10819349632409142898/405a455d-9df0-4372-8682-d9de3236c0cc.png

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ca1e3b2b33312d054196821aac0bfd3295f222800ffeb95a567683d98560af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 460402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3038
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 20:36:14 GMT
server: sffe
date: Sun, 24 Oct 2021 11:04:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Oct 2022 11:04:11 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41F0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
175 B

85ms
85ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 29 Oct 2021 18:57:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 29 Oct 2021 18:57:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 29 Oct 2021 18:57:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E8A 42 B
497 B 93ms
54ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTggO92mfvwEFuL96wq9gGiOXiM1XYbGMK9etwD1O6nY7s7GUt3AJAvGsF4MmUbMtwEPFby_DFhnjwvZfRbPkVqgjlB5SeN92XkFkauaDuUSKpLYg9LQ&sai=AMfl-YRQgN0Ra-fN-GKdrvx2IeIU9YltxShYofoc9hPUJcYuI5DqSdg0gcAilVU7aIdmmBlTDdX4JRjDGeZdzc8yAgk5F3JGa9EoQYK9sqDVUZz1xlWTQ27CG20h4lVz&sig=Cg0ArKJSzKRIgRATGAaVEAE&cid=CAASF-Ro5VYabov0WkUdcZm13hQUMnAw2nh4&id=lidar2&mcvt=1000&p=0,315,250,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1370337799&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635533853173&rpt=493&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 18:57:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 23ms
23ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thedad.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 18:57:36 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 25ms
25ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thedad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Fri, 29 Oct 2021 18:57:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie	1970-01-19 22:18:57	Name: thirdparty Value: yes
.thedad.com/	1970-01-20 15:50:05	Name: _ga Value: GA1.2.949221810.1635533852
.thedad.com/	1970-01-19 22:20:20	Name: _gid Value: GA1.2.1929420107.1635533852
.thedad.com/	1970-01-19 22:18:53	Name: _gat_gtag_UA_49747211_9 Value: 1
.www.thedad.com/	1970-01-20 07:04:29	Name: beopid Value: 008e25b2-042b-48d6-94f4-b1edecce66f4
.thedad.com/	1969-12-31 23:59:59	Name: __psid Value: 1635533851875
.doubleclick.net/	1970-01-20 07:40:29	Name: IDE Value: AHWqTUl1GDkTAu1PnUcMCT9D0R1RUr9x3dHD2Q87q3Ze8KqYkk6tzm242pAtD79yk0k
.thedad.com/	1970-01-20 07:40:29	Name: __gads Value: ID=a4f66229f5799842:T=1635533852:S=ALNI_MY9_-RbKMt4q6Jhd9-s5f5PYSQ8og
.doubleclick.net/	1970-01-19 22:18:57	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thedad.com/virtual-nfl-fans/&ircip Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/10819349632409142898/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b55a421fd898f50e2f19b38a6aadb36.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
cdn.jwplayer.com
dolores.somespider.com
googleads.g.doubleclick.net
htlbid.com
log.outbrainimg.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.wp.com
r.skimresources.com
s.beop.io
s.skimresources.com
secure.quantserve.com
securepubads.g.doubleclick.net
sr.studiostack.com
stats.g.doubleclick.net
stats.wp.com
t.beop.io
t.skimresources.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widget.beop.io
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.thedad.com
secure.quantserve.com
141.193.213.20
142.250.184.194
151.139.128.11
152.199.23.151
172.217.18.98
18.203.216.40
192.0.76.3
2.18.232.28
2.18.234.190
2600:9000:20e8:e600:1:a3fa:7cc0:93a1
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:830::2001
2a00:1450:400c:c06::9b
35.190.59.101
35.190.91.160
35.201.67.47
51.104.28.77
52.217.76.60
54.220.1.87
64.202.112.191
99.84.156.122
99.84.156.82
06eb4e46f8b7bbd4759ca75fa0a94a472e686bbef309ad91800ad3ef268d1f9e
087cf27d15546782b15b25970b5438d653f025cd570b0ab58f3f34594b018f5a
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f7fed9c7eafa3297eb810c1b13b3c339405bf0f7e9d69cd2a3f3f59c8dcd361
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
126ac8a4a5fc28798bfdd4540755fe984163f630f7d1f140a6a4a1727661993b
142cfc3fae4c7208106e92b9437f15c14a6a60a20976b9d9e0072c590c37e055
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
17383491379432feee5f7b2701f58f55c09ae94129d08e3fa35dd5a0449352c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b0b3c1bcf2da13bbec6ab508758bd3ba57e33b17ff310ef2c7fa79002d8f4c8
1f5b84c85b59b0c5270d3c3aa1bc5d7aeabecb8d54797ac767975a9703718ea1
1f89ba874a71f8f750b59463bbd7da9473f1acc0a2a360bcd1cf06a8ad447505
20ca1e3b2b33312d054196821aac0bfd3295f222800ffeb95a567683d98560af
21991ed5b099aaa4a244ea407d1e09ef4a9e1e28756eadc4303d0fb469811176
2421471c7202240187bc62dffdeaa577a8f2d0d5f4e632900a7e12eed780f4e1
2baf938f5b1e36d36b4a612e7ecc9b70e54f8491b6110431d0ab43fb62d3f517
3f77e2cec8ef9fee01753bc55c4fdf5e32aafadeda49a9649029e2d789602d18
4142465b25d9b3fad457bf8f6d439e9f349d11ea295e5e863b6ea3b0b6fba2bf
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
536bf162b7c9b16eddfc1e83f00361201fa9b9c009244310c12c9c97253a047c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
56be772ae31b241ec9bf85167d98c86f51a6c42bf3151d4baf7eaf542f6f53cb
56df37eb6a6322991a316e7c98f9e659572e26da0a4b46b3d0505c22fe0882bf
582bfff04bac1eead5f6f550dd4774a4d6fa0c54b3c92fea951cde47be959861
58c09e432d35d5d96d9f57546a3bdc71b4434d9da2f63b5d7def018e266c239b
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6216ae74b9a30982da9a97a9fccc395f4a05c33738feb9e1077181c46522b841
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63f27e7a9c88f2dfdb02d985ad41135649f829021d11d215cbb1eacd251f6c6a
6425e60e2346734cf22eab1a4994d8b7b0309d341b6a1985c1b012f03b2ba741
685b85335f1ded59b3a167e795639e0b81b563996358f57884ce990a8c182eff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
727b53110342e0d813285a7277ebd161988c675d6facee62de9050927a6e0fb1
78bd9c8b17215d4810833339155d83ff90271480fca0f2ae9f87cfb50437ab39
794164b1b1885da6d6f2b894da5662db546626768daf1613ea15866a0a8076ac
84d9d7231df5f8bc7b4215749d0f12106dd877fd3565a0bf23c67c10d949e818
887238e12d1eff42c1f6ff712ecfecd8cd028e856d9ebfbe6c4e8d04a6440cde
8ea998e3376e6a6910761b354fa925e5aae8f2f8a195e09d216e2141cd8ffaf4
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9bb73cf1dbe45bf63fa90adab9999edb08438dbfca8bbc9e12ee44fefd927a27
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
9c2fb7308efbc82575d86510fcf8958f4715ee5798fc00c6b1fa1029d0ba8770
a376c6e8db6b74fd491a0d6df5a99df091b1f56252bd6cbbe6c64d2347c8ec3a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63e79b5a97bf477e7d6ad34b4f8be2e4e8c7f3162f7d58b156ff0557f65c312
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab2d3dce32503cf6ba6255157f2fb39f1d97668fc76579fde6d781e219635cbb
afc9ea91964f1089ed3afcc20604ffa0107862a6d992ddc37ae0d21afa441b70
b1a74c00ed9cf54fb4180a78a97b71f3de7f7884f0c51a5825e3d2dd27365c4e
b34bf3bf3e304a6b7f3c22701ea31909049712b0573a6665b1bf310f6dafb1b8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b839142c9cffa10815cc707d4008dc984a5abc018d887f95e9ae282d58b43cbc
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c227423a0c2db820880a41f55ffd7339274007851d8b6a06336cb9ae7aefb627
c5f1d56605492550779727f1f3310cd9cd39a952788eb4f7e94e258436424304
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2213819201ee49c1bda0528387ab5ffd5fac77891f2e7f02fc9e53dad8c0c61
d32c1196f45ce88e422e3048115623b029e88812f4cdb6c04c214be4268d391d
d46d3406920605eb8c3d628385aa04e8c739d098ff568846ffd360411cb792f7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6e4f53880a472e4884e8f342cbb05879e0fce4504d8a3705769b0e89d158f53
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de2126112e0c76940bd4bd3b0325c564d4e0825187ee13639d5c83cca641c422
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23f623844489df2711fb1349c954262f69ceaa67c161a43c033ada24db2e7cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91d41b821d0db49a1d98faa9218e2f1b5703cf9079d2b7b22c2ceee88470685
ea5f6d98620eb5b1cefc74c851bf7c5cd3cab64a35ba830bf3d7e3f3f8b9faf4
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ec0b1129ac29c028776a8242223c8d6134b9921a56b04d7a1844b1ab299f48e2
ee13eb9f9a441dd435f8cfc385577fd74788fd312e14fe736fe4bd606e00d54f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e1ed75d698815362ad4352ab86672d14f0d5b2fc1c014242eaa111e8422e66
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd516ed98d3ffc2576e8a7b09a63aab5f760b4723f367d115828c8fa258fb9e3

www.thedad.com Open in urlscan Pro 141.193.213.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

97 Requests

99 %HTTPS

38 %IPv6

20 Domains

34 Subdomains

30 IPs

6 Countries

1537 kBTransfer

3731 kBSize

9 Cookies

14 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thedad.com Open in urlscan Pro
141.193.213.20 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

99 %
HTTPS

38 %
IPv6

20
Domains

34
Subdomains

30
IPs

6
Countries

1537 kB
Transfer

3731 kB
Size

9
Cookies

97 HTTP transactions
7 data transactions