wearedevs.net Open in urlscan Pro
104.26.6.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wearedevs.net/
Effective URL:
https://wearedevs.net/exploits
Submission: On September 04 via manual (September 4th 2022, 10:46:01 pm UTC) from AU — Scanned from AU

Summary HTTP 162 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 162 HTTP transactions. The main IP is 104.26.6.147, located in United States and belongs to CLOUDFLARENET, US. The main domain is wearedevs.net. The Cisco Umbrella rank of the primary domain is 398524.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2022. Valid for: a year.

This is the only time wearedevs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	104.26.6.147 104.26.6.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
4	142.251.36.106 142.251.36.106	15169 (GOOGLE) (GOOGLE)
2	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
2	142.251.10.97 142.251.10.97	15169 (GOOGLE) (GOOGLE)
1	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
2	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
2	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
3	142.251.12.100 142.251.12.100	15169 (GOOGLE) (GOOGLE)
34	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
8	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
6 7	74.125.24.105 74.125.24.105	15169 (GOOGLE) (GOOGLE)
1	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
4	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
3 4	142.251.37.98 142.251.37.98	() ()
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
5	74.125.24.149 74.125.24.149	15169 (GOOGLE) (GOOGLE)
162	20

39 104.26.6.147 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wearedevs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wearedevs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.36.106 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.24.105 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.37.98 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.150.241 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	771 KB
39	wearedevs.net 1 redirects wearedevs.net — Cisco Umbrella Rank: 398524 cdn.wearedevs.net — Cisco Umbrella Rank: 440824	231 KB
34	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 cm.g.doubleclick.net googleads4.g.doubleclick.net	236 KB
9	google.com 6 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	307 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264 gcdn.2mdn.net Failed	153 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	31 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 225	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 101991 www.google.com.au — Cisco Umbrella Rank: 24351	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	116 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	700 B
162	14

	Domain	Requested by
34	tpc.googlesyndication.com	googleads.g.doubleclick.net wearedevs.net tpc.googlesyndication.com
29	cdn.wearedevs.net	wearedevs.net
28	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net wearedevs.net
15	pagead2.googlesyndication.com	wearedevs.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
10	wearedevs.net	1 redirects wearedevs.net
7	www.google.com	6 redirects wearedevs.net
7	www.googletagservices.com	googleads.g.doubleclick.net wearedevs.net
5	s0.2mdn.net	wearedevs.net s0.2mdn.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	wearedevs.net googleads.g.doubleclick.net s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.au	pagead2.googlesyndication.com
2	www.googletagmanager.com	wearedevs.net www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	googleads4.g.doubleclick.net	wearedevs.net
1	www.google.com.au	wearedevs.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	gcdn.2mdn.net Failed
162	23

This site contains links to these domains. Also see Links.

Domain
theomnidev.com
www.youtube.com
forms.gle
pastebin.com

Subject Issuer	Validity	Valid
wearedevs.net Cloudflare Inc ECC CA-3	`2022-04-15` - `2023-04-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://wearedevs.net/exploits
Frame ID: 03435E30DF99684E339214ECE449EAE0
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: 61D0360EB692D1F18C52904A4F35FF6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&adk=1812271804&adf=3025194257&lmt=1662331555&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwearedevs.net%2Fexploits&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554851&bpp=4&bdt=1241&idt=933&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1186197705814&frm=20&pv=2&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=954
Frame ID: 3B4D9DF93076B5BD42D88DED4A2B28ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962
Frame ID: 95EEADB975D12826C9D8661DCE5A6769
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965
Frame ID: 376C442E34EC3E8E130776431B7D61AC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2880863494&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554858&bpp=1&bdt=1248&idt=972&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XQrFYIG7qJ&p=https%3A//wearedevs.net&dtd=974
Frame ID: 6BD55A71E7208669B777F68439E2C7FB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971
Frame ID: D3A21EB6C78A178F16EEA328857739AA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973
Frame ID: 74208BE422F425C8E66668D52ED46F05
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 64A1AFCE8ADB1F49F6161554229C46EF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8F762B4986EF45FD40F8FD403AE0A181
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61CCD17D85E3B178E1B2FAC6BE970A3A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1266DA422BE31164FD5BD033491B6620
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A98F378C69278D00341E46CE090DC619
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1
Frame ID: D044C2F1FD0107D3B5EE8CCC43461177
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1
Frame ID: BE2008620E531E7770D14AA3A959471A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCn3-3eAhiourKzATAB&v=APEucNVmdZ0Sp9OLqPfAWdkXNU9pIiADYQFMYG_4QKXJDn8oKEJoDo1d5SdDGfTKWIHwzZBKoqRXc5Bwf8erlC9Gn8BKlCWuFQ
Frame ID: F1E3F91F1C0C10B2EFB3C9FB9FE28E35
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuWDUc38DPSlMPkxIOUKUkOZ0fnGODV6SgnMNKU-oRowGw-M1ikSMvEROLkLYLzKJIX9Wz_mfwMmMgx85DPmz1s1c4o8v6SxxNT2mKx-eB-k--JrT2QGx6XATT1uT9HKmwOpNskkg4w8hBv0BZADZdWMQB9Q&dbm_d=AKAmf-AvkJf3L6rMDPg_DxYF1SlJDRZN9Jm2Pnc5O855zEoHbctBBncjfv6kj0AlGZraPojNo5ownH6aRpvyn09GglCkPBggSZJRbwcna_c-2vf8-d5EOE7pbk-QWmFY0q2GhWv8X7rwou3Yv5EmMcAspnv2pN39Z78fbNtPfr7d5K3I5VBtR5V4cxUtdwfuN_Yo8JtlXDR3F2bcH0ZBBjopOsl26iUeYR-Vc2gkxMytbnkoHQpumgfSTegEnHbTaiH04tP7BDgVPkRhkbzAckdv7sCwS4PSG6M16ybb8ylwigWPWfLRb7sD-cDiXqwNPUF6ky4FZji22uKF7zU6TsvaSJhvdMllNXEBtknOGZ5Xp_vC4fSoI9a0y4e1UOJPuF4dLuf9u4ryh5axnDke8g2yrAnpdz2jZhCwOytyfW8f07uzFVxBJ76zBR6CKiGdvOiRten81OOY6BEeG22CcK9jSpK4fWSup1KRc-7feE21RxOSfg7Fo5uEmJd-hDdB3pJlIk_nWjawxs1iRoUMghDwBPf_nsxRt8iwANBBFiyeIKmJfOxZ92iKpfSXIH5w7LxeylY0Ch5JMRi7sTUIoooPYx0OaYIT2KHgH1UzYSgL683sxHOODWZEmeX5_YCee-WzshVzWBgWjshOVxaPPO6faKj-Zsix-UsaGyjdxg0WY6YVGaezTbDPqGPH03QN7Dpje3waiJkhBgc7UwpHXHXz9cnaAJFNr_-aLMx_Qun3FgotvBnQH7LerHh_a3xz-BUIwKhWCK2ysyOrULyx3e7eWCMdBhijqoMkn9hmC-trGPEsBeM3eg21fhy30Nu83BkRCibF7oioT_7iBEvUq-r4aqiLLzcK3cMUb3GnGcysF0Px_PDzzrC4MlsVm1PCwcs4lKoiVfkpXCOPUCVSgNzuRvfBwkn_r3jmmiBQ-caxhaGCu0qmkp0beFBPHtQTo3ReIy1aQIaMjRKFCkAHwbl7koi10o79ZWof_q7fw5nnQcu1vr-J2M_0W-2b0W5pVnnxHTOh1H7gvfpFemCPVAigt0Bch_qu-Z-Nb2c7AwXbGf9AaxHfPJUKq2uSwebZLqV1jDg7-zofWtJHcrEq1MYQGYJVx9g1rwdR-WQAs8yXUdKgtG2MrsgzuaI3nCuHM12ClaAnDko5WNeFLs3H_q4O1iA8l6068n_7_Q5GZUCLuF_eH4Ti6deT6fDvsI7YAw3Bo7vz9VLuoTEyX0iQA2zfFb7mcqlkYSSzdbv2SHuSPrUTPtedPDxL-sndAxJCborUICYejqlZX5PVIYn4iaXEU5Mne8TDb-63TOqzB1yZNKAZ0d84yZnDaCbn-a3LFwN1Wkmo_JcD7HUHgt0mY2FBFcN5jlE7Xg74ra7m8_4t4ny8frTy3SBea6tTNhlwJ66w_-R9dtVL7q2LoMhPj4krKdB2MkPXXKO424el7W7laNezxS_Eb3c3FAWxn6bnKWP_MuRuCMJ5NFqXYiKlWOfiS-n9kGLlZKSrR2yB-d5lxY19oUfsF8lMd-u2ySO2hr5bf0wFW8sEgfYdV6VKAhNuH30ljeNDIwxBBoqkqkYliPXqCmkDzmaf7IXkiecVigEiEc0-eg8YfgLHuWUtRF68xyJS35tBiPhnqCWFVwvKiIE5YXpeJNgUtDNV5h4mlQAJz9M6RTFFrnMfcH6Cqvm8RimPGnck0VXUtk0qVCGqbZTv7Q-0--OWrbmXT_D9D8TOcEBP_N5qmZ2S_3rPU1srHLu_Pg8GYRnXhKqBmFXFDzUJo7mIbDbC_syqvNAYvcqoMJwSnQELReVouo-dNwQNRDrZ09zV6hVftlerT09LI8SbZUxGvy5vdah1IbwxqwNCxRPHCRHUW2AIWJGVsowo7iJQVr_nrRfpcW--4GYNJZ6212htfcqYUjXmOUZhODAkgbxK5xW8sdF7lkYPLsKXCfUiu-NwzPSqhU6QOCO5WbZFbgMFEOpSZQTfI_7Bn4XWIBXaP-oWEk7Ol0rOpqRe-kKbZ4eOlMdY3C_Zq-LLn_Im2Z4c8GxWsrFhs295YWzo5kkQJnSsf6UnoSfbdPx9a7v6wFvDfoL-wjkUtETmIxujL7a6OMfzson0YVTixwfsBcKjyU78sbqUV_lceBhJqSBibyuHcxGqfj06q_4JsLtZYpwHuCq8TgSHP52BkK75HuWlDElTw5nvxtCjdfstvWPgvAp9cTVlh3YCAICHKOfBgbmbcNM30fW-5lvJCWtKHxIHjol93rZK-3DFqkBgzP0lk56fTrhTcx4RpI-1F11Jm2mgsyp3nU3I479bWU_uXlsuFQ57lApT0danMqA9RGkxwLlRgwG4J7u3rBtDXdT7iaNK3IkditK7KFKfexjtG9xqfNjYr7ANC8vwyQl7ZkRxhn4aAVefh4CfauesrVLrv5pWP4YLLVPujjTGCX2axxyOzMwX36UUxqZ0DadyQ2iXvdA8PMf5qF4lvcz_PuAQ244WG4oa-LgM8GRlrbcJfHhd7fDERvD38PD2q2EVWx8m_OYgAYUOiNdV7o6x3Zz0XJ1yap4YsnA5Aw7FY-KFXlC2wRbmxpcleQEL5R6HIrQ-MJCMA7w3Zqzqazcal1LMMB_PZ2WpUJgLpYNP1dnXu8wB_P41kKy_0-FcRHRo83qQV5wS0icbS9K-hbTMZlp7JSQAOpd-fVIzWGTOp7KvuWJ-iJjVJh-XkQ59cIyQmU-7vADq8IoL0SzLZWfu4KnH22N9QFOyjua0SFQI3yDBTfKsJc4mlgLX42pM_Qokm1IzNynKrQ8jyKdvBb9J3iOSA-99i7n5iPWRvkVfvqZyIB1whyXJCKf1GQE7V9KsBFzpx5crOD4GGw0bpOEw-oXtt9avaN9ts1xNe3E2mXtK8mVrvgzVTYGPmo_L8pHPYfDeld9TdYCaSoU7JJZiVSm38f-Le6KqHpUp9G4o48gzJHjyD-SivGMAoml6D_X9ymBWUG8uww&cid=CAASBORokiU&rfl=2%2Chttps%253A%252F%252Fwearedevs.net%252F%240
Frame ID: 69DDD6314A904C8C424EBFED057121BF
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 805C95CFD030FB81E93C992D0DF0E070
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2841488E7173B1EBFBD1F4840892D3EC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B33E5BAF20848E2BAD9D593352786D7
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247
Frame ID: 5438046D5B7F4F85C5480F05CBA6157C
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 7EE115319736166B9CA1F1AB2EF1301C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: ECA24B2E0657421068B98CF1302EF876
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: EA917095F820762DF7EB668219686764
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: D719E45E5C01CE89C4121BC1219D0C16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 38A3D4AD6A19149F440CF63A2F8597D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 7CA810EFF0336090D1EDB4ED78607B1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Exploits & Hacks & Cheats - WeAreDevs

Page URL History Show full URLs

http://wearedevs.net/ HTTP 307
https://wearedevs.net/ HTTP 301
https://wearedevs.net/exploits Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

162
Requests

93 %
HTTPS

0 %
IPv6

14
Domains

23
Subdomains

20
IPs

2
Countries

1873 kB
Transfer

4478 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://theomnidev.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Omnidev_?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://forms.gle/zE8yUNp5pJYPXxXZA
Title: Submit Your Content

Search URL Search Domain Scan URL

URL: https://pastebin.com/raw/TGz5N9Xa
Title: Change Log

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wearedevs.net/ HTTP 307
https://wearedevs.net/ HTTP 301
https://wearedevs.net/exploits Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxUqp8kJd0CkhJ.Ra0jLegAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1&google_hm=2

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHb13peI3yeHfVI4C29Ds40&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NTU3NDE2NTEzMTY1OTE2

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

162 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request exploits Show response
wearedevs.net/
Redirect Chain

http://wearedevs.net/
https://wearedevs.net/
https://wearedevs.net/exploits

32 KB
7 KB

427ms
426ms

Document
text/html

104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e717d253c592b0e237f2377438de9ceec0b5514f793b5eb3a9789b189845caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 745a420fad125a98-MEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 22:45:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09Z%2BFMJnuVctM%2B%2Bi6ArcFjoG3QDe1HHQ6vnrYxoWNWi4xE7iQv6WRifVZK1reRUHZwyIbnGw7lNOTAxyRL0WPbeOe1Q4TFh21H33%2Bb1fEt%2BYhmghDOSy%2BhKbhfv6RR0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 745a420d18bf5a98-MEL
content-type: text/html
date: Sun, 04 Sep 2022 22:45:53 GMT
location: https://wearedevs.net/exploits
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MC2kMBY8XXH65qiH4Cx24nSZUCPE0QbJsgDNKtoh4enQZ0Auhn%2FlLbhwxUCWcrD2%2BYB3SUXaWB9HNhakoe%2BDUs8Np2hGZKu3Vic2r1wnnzv%2FYXJetvcnPwDWaPBpXVg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 dM3ipLu7q0SolgbDApkhduCYXKU.js Show response
wearedevs.net/cdn-cgi/apps/head/ 5 KB
2 KB 107ms
107ms Script
application/javascript 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/cdn-cgi/apps/head/dM3ipLu7q0SolgbDApkhduCYXKU.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e041697f6dca33396ca095c8cdfc6be764176cf4950ee907a299c5e60463425c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2682761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: S69ZWPVPWXDZWJHJ
x-amz-id-2: RaRA/7kqgWTZpGM2E4G/1EoV0AwxEsQetEUWvxol+2syI2NfrajnyKYafRfCqjS/ZN0d88r7uTA=
last-modified: Thu, 24 Mar 2022 18:51:28 GMT
server: cloudflare
etag: W/"e7d47423b399d42bcf3db5bdf25c87ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fCo7a6pxCIoELTG0lopIvQbs0guXWaHFbLOnyogi9YisibKy4KJh8ri%2B71tAioVQXfu3rz0eewYjw%2Bnkd7IbyruFu%2BX%2FL3t3PiVVavqk2BQ2GeOMI%2BcNq7515xh%2FjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jUIjwrXHI1XKFhBKb84TTwrZ1s_y3PkQ
cf-ray: 745a421259c017c8-MEL

GET
H3 200 main.css
wearedevs.net/css/ 2 KB
1 KB 108ms
106ms Stylesheet
text/css 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/main.css?v=19

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a104485f98b3b248fbcd9e4aff551035c75b5874c86bb6ee30de0b6b4166c86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2181
cf-polished: origSize=2576
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-a10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6phaq3s7fTI2zFlJ01OqgPjbvub1AiUVCE8EHyvQPMln0qmzW0WAQ23UeWqoe8mEcKKKVPbI5PJ35ZZrvedeIPY4r5dKoSPj%2F5ME4wiIYOeAmYrzxHyF02ggcE6iq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=3600, public
cf-ray: 745a421259c417c8-MEL
expires: Sun, 04 Sep 2022 22:55:01 GMT

GET
H3 200 night.css
wearedevs.net/css/themes/ 733 B
901 B 105ms
104ms Stylesheet
text/css 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/themes/night.css?v=19

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09bd774a25170dcd08e541944ea6fb510431464dc9552674419440856029654f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2181
cf-polished: origSize=891
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-37b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHDCuP%2F3mKyZ6MDQNfWNa7UgQV5zG8TsyHm8STI9%2BEEkpj%2FdSOsNQqNksybA%2BvjLV8APXY7DCxnBhZUYlMHZ90MPdMVM99d3lMA2CPFZJZoAQ7RreGLyd2fUSzMnyfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=3600, public
cf-ray: 745a421259c517c8-MEL
expires: Sun, 04 Sep 2022 23:08:42 GMT

GET
H3 200 navheader.css
wearedevs.net/css/ 2 KB
1 KB 112ms
111ms Stylesheet
text/css 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/navheader.css?v=19

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75560503d03353e0880b93c71003172df0e184c0ed8f6c28ef0c1b1d91119aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2181
cf-polished: origSize=3234
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-ca2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eteuag9P7xspIxRrbVH436AGVcj%2F8S2u9ik8QmwHxVhmq0yTP1%2FKCDtXgfq4uMnp22qTL3VUG8VvhL%2BkEqorMu8S4C8WEVCvs1dlyNvUiZ1r9DqgchCkATRIwWpmmYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=3600, public
cf-ray: 745a421259c717c8-MEL
expires: Sun, 04 Sep 2022 22:51:29 GMT

GET
H3 200 timestamp.js Show response
wearedevs.net/js/ 2 KB
1 KB 107ms
107ms Script
application/javascript 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/js/timestamp.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3619c1468e207e66ec8d47fc1a4776c27a20f383cf28f5650f594a026f12da79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2089
cf-polished: origSize=3405
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-d4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJOop4%2BnkuykfrGgBdl171GgEqZ%2F9wUwm8PbU9%2FLbfr3rCstIDcgYp%2FdJcVaYnnkwJZq7LlC90Zx2ynMer65plmw7YJTs06cnAgPHb%2BzUlvkK9SZ69nW4S0yUyY%2Bby8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: max-age=3600, public
cf-ray: 745a421259ca17c8-MEL
expires: Sun, 04 Sep 2022 22:24:16 GMT

GET
H3 200 exploits.css
wearedevs.net/css/ 2 KB
1 KB 407ms
406ms Stylesheet
text/css 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/css/exploits.css?v=19

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34395ea8ee1719e85412f7cad28bb93e8c22eebcdc7b74331e014efd7eaf5f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2534
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-9e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8gdfRp6wrEjUDFsbGcTh9wI7mlJAgF3SnAyQ%2FJXPRYImgZKQRRUCyXetbaRDrOFkqZvS29Bk%2BDNsRKnaO%2FoLc%2B14V5S0EeYa5viNrm%2B5bbGrBDCN%2B2YU5OjB73ckFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: max-age=3600, public
cf-ray: 745a421259cc17c8-MEL
expires: Sun, 04 Sep 2022 22:55:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 528ms
189ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

b2be9690df0743a9f43668acc742b67646739431cdbb08c298b306583fed66e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Origin: https://wearedevs.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57432
x-xss-protection: 0
server: cafe
etag: 11638869785546412072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 22:45:54 GMT

GET
H2 200 JJSploit-v5.jpeg
cdn.wearedevs.net/images/thumbnails/ 14 KB
14 KB 117ms
111ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/JJSploit-v5.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918b6c0dcb12a71d06dca5b614efb975f1b1730064ba8126ae1a6538f5b97ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170652
cf-polished: origFmt=jpeg, origSize=43449
content-disposition: inline; filename="JJSploit-v5.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14336
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-a9b9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkAvR7rr4FuUS5i4nFhQ9iPCqnVOdrYZtIWpJzSZ8ejrC%2FMSa%2BU%2FzxMOT2gFvNFqJYSDkxIbdSgdAxlQFddiFXy6cUFn6r2jjCsIAWYQukSSkQoVv1IpAsPn6fxXoP44Z8aB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:40:41 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219eed65a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 krnl.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
4 KB 114ms
109ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/krnl.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d3085494dcd64b51dedcb5cd05820361e0b70dec19cae02d1f2e17c9e8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=5839
content-disposition: inline; filename="krnl.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3244
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-16cf"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlFwslZDjksBQF951sUetaQhXs%2F9O6RYWHi4i6nYZxSLr5z35c5I%2B%2BBFH4Sf8bCN2p3VsZyb1pP81cx1EbhDeV0bgtZcZoOtDOoZ7guLHItxT7fNbqra2q6z9lcXz6oKZpi8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 19:04:07 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219fed85a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 fluxus-7292021.jpeg
cdn.wearedevs.net/images/thumbnails/ 2 KB
3 KB 115ms
110ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/fluxus-7292021.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87803362cec9692aed91815dee83d24387c0a3a266640242e00e7fd082f7702b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=4135
content-disposition: inline; filename="fluxus-7292021.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2146
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-1027"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivmUklLN8h2%2B2BNBcQoFxwhdgihN0DoZO%2B2XKcmGdYvqlM2awRQ%2FSYBQ7WO00qaz3oxvmdkpOBA%2BN2n8ij4jWC%2Fj%2FheZ%2FekqA7wUt7htHhhd6%2B7Oc2HNna2dB6fH3tOE5ngS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 29 Sep 2022 22:23:57 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219fedb5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 coco-z4-13021.jpeg
cdn.wearedevs.net/images/thumbnails/ 4 KB
4 KB 117ms
112ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/coco-z4-13021.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406aa783c7cd864433acb30bebf0d8b37573b2e9022c1e8f51da0ef530c2e840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=11966
content-disposition: inline; filename="coco-z4-13021.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3938
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-2ebe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gPA0bdZPc0zFWgmtRtkS1ReZWKNkUL2TqzHyz4A1CAdXf9xT1w4vfHDHy9F14CtydahPCkkzN6a4o3%2BaPRA0byeb6SE2G5Evu%2BDfVhNySIyMa29Bii44BtyCmQtsyBtEs%2F8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 18:07:15 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219fedf5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 kiwi-x-61922.jpeg
cdn.wearedevs.net/images/thumbnails/ 8 KB
8 KB 114ms
109ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/kiwi-x-61922.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

009fd48f2a94c98298bb182abc95b44e1706ef5250f5969e1bd036d0232119ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=10326
content-disposition: inline; filename="kiwi-x-61922.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8072
last-modified: Mon, 20 Jun 2022 00:49:33 GMT
server: cloudflare
etag: "62afc41d-2856"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZT%2FdM5EJAUluD%2B9Dgdfe43JfL9PbAcAYTxpZIRn20lQTerzYxvJk76Dff5Fzo%2F7xcdtAnODSZia1%2FSHMaEaoKrG6jBbbXgeq2Y15zFQ4IeYoe%2BO0Y2xJmPnqeVzbIvkU5iI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 19:58:40 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219eed25a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 comet-052122.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
4 KB 113ms
108ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/comet-052122.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49fce7604e0167519e2d882d18a494549020480dd65dd854bdba6f29d2cd9216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=4573
content-disposition: inline; filename="comet-052122.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3474
last-modified: Sat, 21 May 2022 16:29:47 GMT
server: cloudflare
etag: "6289137b-11dd"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pn1bvaPl4jGmf0sGVpyVYbQ4b9QKvvtnvSBoek3n6V7O7I8HF3wZ0Ex4a2rru0cUOt6jF%2FJrKFuz8uRgp7zx228QhBKD9MZSS6eXS4Xcq7FG%2BEMf1nF5jjxhdaYxFd%2BSMuSG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 19:04:41 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a4219fee15a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 oxygenu-112520.jpeg
cdn.wearedevs.net/images/thumbnails/ 6 KB
6 KB 176ms
176ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/oxygenu-112520.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920b88ee5555db959e64d0ad3b9e1f7737540df1be91f58c2765afe65cbcb7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=7279
content-disposition: inline; filename="oxygenu-112520.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5742
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-1c6f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFQeus3PYVsl%2FrjR6u9VSfPP5hgjMDHfn3x3gkpJrJhnrXgderJC9C6kRMbeDXWNFloNg1AZnasdy8jLiznLYqE1n2CZxwoGmybxT2oTCW%2Fl5%2FKlUhMhBUNRKzjGXz4ywoxw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 19:09:26 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fab5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 novaline-22822.jpeg
cdn.wearedevs.net/images/thumbnails/ 8 KB
8 KB 175ms
175ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/novaline-22822.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b12ec37d9c7b9aff1abca242ea2925ae185eeb18aaefa15718cfcb5ee6f33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242858
cf-polished: origFmt=jpeg, origSize=15243
content-disposition: inline; filename="novaline-22822.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8228
last-modified: Mon, 28 Feb 2022 23:29:08 GMT
server: cloudflare
etag: "621d5ac4-3b8b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXGsC5IH9OzsqBnPU2sxzI7jeMKkKbSCkN%2B68ep8vz7C8f7Q%2BBm1upWbB3sqLHNxwyWb20JQNAg%2Fk2qIsY2%2FcIbrB6%2FisWeOME6uHizuHk73AyKd8V7bOvvepRc%2Fg5pOuyIj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 23:24:29 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fad5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 dansploit-010122.jpeg
cdn.wearedevs.net/images/thumbnails/ 11 KB
11 KB 147ms
147ms Image
image/jpeg 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/dansploit-010122.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c69ee5b42c98920df04b62cced66340e5eec35b0763f8329bd7d3bcada60084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origSize=12755, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11357
last-modified: Sat, 01 Jan 2022 22:18:04 GMT
server: cloudflare
etag: "61d0d31c-31d3"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHuwfW4l5JtV9NUteDyEmUsX50DOyTMHOClPjznIlsLpabZ3VK4XKe1CAhmq0d7%2FDZjl0i%2F1eDlvb4qPN0N8kFD1DsjYpnJt7u6ox%2BXJkMS8qt1IzifvZY8BzAsLfNdO5ln9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Thu, 29 Sep 2022 01:43:27 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fbe5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 nihon-82522.jpeg
cdn.wearedevs.net/images/thumbnails/ 7 KB
7 KB 149ms
149ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/nihon-82522.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a596655d377bcd559498a944d3addeb74b62212c0522014a87bfc9634a0a1bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 235077
cf-polished: origFmt=jpeg, origSize=9196
content-disposition: inline; filename="nihon-82522.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6746
last-modified: Fri, 26 Aug 2022 04:12:14 GMT
server: cloudflare
etag: "6308481e-23ec"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZR9Ta6%2BMbAf1uohfSeivP2esyGFhvO7ObDerDL3iSswGWucB1lkuxS59MWN9Ic9OKuDIJLs1pQRYiAtAoYtT7yRSVWx1TrQpfROuMn5GhgDAQpM6vRkGXNEATAIs%2Fx%2BtWLp8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 02 Oct 2022 04:13:55 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fba5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 roware-020722.jpeg
cdn.wearedevs.net/images/thumbnails/ 8 KB
9 KB 152ms
151ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/roware-020722.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65f8d3b4a1796b975bffbea43dd6367e4d04d060d16dc04e3554861c0f3e27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=16391
content-disposition: inline; filename="roware-020722.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8566
last-modified: Mon, 07 Feb 2022 23:20:17 GMT
server: cloudflare
etag: "6201a931-4007"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIdnOujtiWZ7jbcoByk081yBH7CoBhOqqnLxiD3pOcPKty6UyuCD8XInot6RfBNv7mt4sIT4lxbW%2FCPz5YW%2F3vV6CoT5X3Am%2Bmjcga3UORVwd4974uFfXUY5T3a182Uz7Pma"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:45:54 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fb75a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 code-ui-wearedevs-exploit-api.jpeg
cdn.wearedevs.net/images/thumbnails/ 4 KB
4 KB 151ms
151ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/code-ui-wearedevs-exploit-api.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e276125282398bd2ff74a96fc0a507c8cc916065f29619e84355a80a0dc4d458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=8032
content-disposition: inline; filename="code-ui-wearedevs-exploit-api.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3652
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-1f60"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnkonIqQEnArOQCl270642MXzB4TYG0VfiW8VrFQJk3%2Bf7kOVCgUWX9NbVO5u7KciWPQTzVKcpie6iOA1G8MsuPuzy19hmXddn4UAQydD%2BvbQqkDiTaKaHwkWolP%2F5pI1VE9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:43:34 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fc05a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 infinitejump.png
cdn.wearedevs.net/images/thumbnails/ 3 KB
3 KB 149ms
148ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/infinitejump.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

419349ed60e624cc3216bc42f51d250d2fd99b5e076abd37d53daa12ff10b2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=5617
content-disposition: inline; filename="infinitejump.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2902
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-15f1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu3Zlhlbb39NCHMnqeHBDakhWFiJWRb9bY10M%2F1Wo4T1BNI3gwH7nDEZ9GLBDI98w7VMW%2FZqjj%2B7uLEeAqd6p9tiyp3Q%2BcuMe%2BvAis%2BaWRtFTd5%2FgT%2F1iCGK6HJ38laYWtjN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:38:00 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fb55a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 fly.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
3 KB 238ms
238ms Image
image/jpeg 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/fly.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e2fb2651b287d576819ff041820c2fa317271c2161688bfbba1d7b7ff533187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origSize=3653, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2969
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-e45"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP05TJGqKhNM%2BirAyXdBpD5j8FdOpB1XktQJAe9XjJFW7Pq91%2BhsfhdJNrniXijSmRllqI0bEsVSIu6zjGpNDNS%2F%2F6eCRfiiU0N9ENiRJ5cvx2MXFJd7%2BbFg89pWRZqB6eVa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 01 Oct 2022 23:24:29 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fae5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 noclip-031422.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
4 KB 140ms
139ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/noclip-031422.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff8b68f25ce129297603394be734adec0f58a7972c75a7de89028dd3ad5bddd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=7047
content-disposition: inline; filename="noclip-031422.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3540
last-modified: Mon, 14 Mar 2022 17:50:04 GMT
server: cloudflare
etag: "622f804c-1b87"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIt3WkuW105GgfdDcm%2Bnjw7ZmzmSZSzdTPYggez1IvFbFuSiJZqCW0SsMcCjzqxGaNCfe32OBvYT5Sp33Nip9L9krpu%2BMT1WW6zAmDDu4IWd4v407fvwkACPYIbYOaRBBF4E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 19:11:07 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fc35a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 gravityswitch.png
cdn.wearedevs.net/images/thumbnails/ 11 KB
11 KB 228ms
228ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/gravityswitch.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de57387bbeee592d6543be81c8a006aa37fcd3d744ffce1fd0ddab1051d660a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=17555
content-disposition: inline; filename="gravityswitch.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11152
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-4493"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB6ULy93E%2FiPpXLYw4nBHjvyLIEWPVtpsWjt2joAYhwav9M%2F4efzatJ52VCKxOTcJwyiTZ2jC7ntgjENyEVOPESqekfkHIK35f9Kb8YeY%2FMBCsCYahPrCaRaETfYOHQLCzX8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 19:11:07 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fca5a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 multiplerbx.png
cdn.wearedevs.net/images/thumbnails/ 3 KB
4 KB 140ms
140ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/multiplerbx.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4bde40b7fab28f308193b6faddcc454ca5f4e0aacf86bf8984f312ddc729c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=6667
content-disposition: inline; filename="multiplerbx.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3266
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-1a0b"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5vo0PHKIEyFGIO9Bg5FM1SXRFTJJ0WZDpCTWbLjZDQT0HrQgX1l7FHuGX5Ao40%2BUvzJgnGbVyZlmFTLPPZtaoYvet%2FqV4wQPlFWEWi4T1ad%2Fo7VOnRdO9ACHi%2FHvWZzF5rf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:21:28 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fc85a98-MEL
cf-bgj: imgq:100,h2pri

GET
H2 200 esp.jpg
cdn.wearedevs.net/images/thumbnails/ 6 KB
6 KB 140ms
140ms Image
image/jpeg 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/esp.jpg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdf76eb0150b2e386b8df2df9f453fedef69c02c4e0d6477464443be4155dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origSize=6573, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5852
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-19ad"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFHHfxTRSmIMc8DvI7z5J08WCbuv7U6TkbsxKqYanLLW5UclUH1eby1CO9%2Fb8uNR46OY4OP8c8ZoVjcm78jocpRYdyr6GRHowhYOS%2BOM6sYVywVFUvMKieifcwCW5n4EZgAl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 01 Oct 2022 22:19:01 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fc45a98-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 DLL%20Injector.png
cdn.wearedevs.net/images/thumbnails/ 15 KB
16 KB 203ms
201ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/DLL%20Injector.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f4087d0ecf574c744e0003cbe20b2664db57df8111bfaefa5cfd89c95bb535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=32504
content-disposition: inline; filename="DLL%20Injector.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15598
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-7ef8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl3hvJLAkHDnTcqeBP5ifbUElAhhisxsnkZcn7yhHlS2cG%2FNzOfLKzJXvDRpbhj4cj%2F7OxMbY5NYdEEFf3%2BqV28xuL8neeYLQCZM2EArjUohnBHlrwfxRmqEDE3jWrqNS3jH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 17:06:11 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9117c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 winrar.png
cdn.wearedevs.net/images/thumbnails/ 10 KB
11 KB 106ms
104ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/winrar.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f41e546f7f4b4cef596c2f40da9e92e2c9cae7b871200540808e81dee60681cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=17472
content-disposition: inline; filename="winrar.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10490
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-4440"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7in5AKwxAZXZQECBL0R8wZQJFSRu0r0hPu1KHyjE%2F44hiiiCcgpD4dUvMtc%2BsjXxDRKbEqIbJ%2BEkahZC0WxCDc2k%2Bm1Wzf4gsVOkebUSY30k17F79j5i2S211ldBCdwMfrH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:34:54 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9417c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 auto%20clicker.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
3 KB 106ms
105ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/auto%20clicker.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c1318b2af94ddfd54aa4472b203bf7891d42582313697a5f1bd39476ab4e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=jpeg, origSize=5709
content-disposition: inline; filename="auto%20clicker.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2884
last-modified: Mon, 07 Feb 2022 21:40:19 GMT
server: cloudflare
etag: "620191c3-164d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy1iCHIhBsYA1IoMqLWAQmay10HWjidTocgiWrsV%2F3eG9rVfsIActI3FUlPKHGgWJVIUjysAU%2FT2REElbw6jmeEdBdcVIhOc%2BzKWq21HCA%2BazmWAWSmcug%2BZHz6VYrZmqMqB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 29 Sep 2022 19:37:43 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9517c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 general-tool.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
4 KB 204ms
202ms Image
image/jpeg 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/general-tool.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca3f87a64ab0730289c2775e5d879778ed375f60461d9262094f69fd5dad0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origSize=6229, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3008
last-modified: Tue, 08 Feb 2022 17:05:13 GMT
server: cloudflare
etag: "6202a2c9-1855"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI2%2BrDH08MgUOO6gs8fpP3vDZr%2B93EVqUozbVqQDCWLEHj8Ua09Za5cIds2yWyb5ldJbGW508ht6NU9ZMSJZ31Dw9YxzBUw1cYv0%2B5CKJhbw2vtnpWjYjdyDNcVpKDT%2FIr0Q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 01 Oct 2022 23:24:29 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9617c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 lagswitch.png
cdn.wearedevs.net/images/thumbnails/ 13 KB
14 KB 204ms
202ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/lagswitch.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d8d1947de0f8d0401b573847d2325f31507a7df5128f1bd0269181cc0761dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=23455
content-disposition: inline; filename="lagswitch.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13640
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-5b9f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SieqwAlozJBq3QURvOeITiJTgrCv3PMuWb0qjHc4ZDwKIev1JG8XIJE2wFOvekiyhXEbhF3sYfkgQ2mtq3CK6caRSrfw5xvaWkkOPGLuBxSv2PtaN6a1cfISkrr9Hw5cawe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 29 Sep 2022 08:40:49 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9717c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 dllinjector.png
cdn.wearedevs.net/images/thumbnails/ 4 KB
5 KB 298ms
296ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/dllinjector.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

515efbe0ee9a1d0b7c15a5d5b42a495f65259153f78089b5014dcc988f72925e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=8884
content-disposition: inline; filename="dllinjector.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4552
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-22b4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIG6M9pDL7jsG%2FuAKa4G4hlurZhpVNG7UPFQB1p%2F6pAokJbCdQOTDewUBU6IRui2e60ZWrIuVIWPzud2thtSaeDgrh1uksIPQ%2BGrP7C1uQBYxjXTYjAEpAzxnRqYD%2FqCTm5R"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 23:24:29 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9917c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 autoshutdown.png
cdn.wearedevs.net/images/thumbnails/ 8 KB
9 KB 299ms
297ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/autoshutdown.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d0d112d9d756a24f3226af0fcacb3d24da3a1b55834f33271bf8af6fdfc704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=13353
content-disposition: inline; filename="autoshutdown.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8344
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-3429"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF2gsA69IgYsXH4EHCyzRXHTImWAJ3VJVxElaExKS4s3n8Owf8x31jiGZx2DVuBWhIy22QaciyGtp6N8WwQLUPudPd4NqIlOcBsVtHkbIB0joQRaf6dh7Qr%2FxihxBaFhtnAG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 30 Sep 2022 19:01:51 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9b17c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 cheatengine.png
cdn.wearedevs.net/images/thumbnails/ 9 KB
9 KB 299ms
297ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/cheatengine.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5551086b841c89e17871e2f0264d3c82de836f99a21270e8aeaafedda567e1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:55 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=12343
content-disposition: inline; filename="cheatengine.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8872
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-3037"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CNTvof%2Fc8aslGKzIcCx6AyfEGb5sPUa8PcSTrPvMP6LIq95g4YjUucrNFMVTEv3kufYrF8aP2kZjvatg26%2FvlR03atIOiPsK1CQPGD8SrJGvWZsaOHzpvKZUDR1byVsy43Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 18:34:12 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9d17c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 notepad++.png
cdn.wearedevs.net/images/thumbnails/ 23 KB
24 KB 301ms
298ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/notepad++.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4d02d2480746bd00ae9e0188a1f262480bdbc866bf3ebf7b84052fec535b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origFmt=png, origSize=37268
content-disposition: inline; filename="notepad++.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23564
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-9194"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnfDxBaMafiyPPQntk0ALJC3zv7%2F05gHvdoGLes7kMBBg3sYFOBqpGnobylLfGhkidF3nyfIFd%2B4PJtiR8sf24joW2VpCXpsOYm5ke87qN6B%2FlKp%2Ft39UebBnvbtNhmw7m1Q"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 19:27:24 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aac9f17c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 cs.jpeg
cdn.wearedevs.net/images/thumbnails/ 3 KB
3 KB 394ms
391ms Image
image/jpeg 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/thumbnails/cs.jpeg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df340b09190a909f02ba16449278e849d41824c83c31242041cb2cc3cc818f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242859
cf-polished: origSize=3569, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2713
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-df1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5h9hpXOc%2FfnNOy5HuqXervQ0VvrLNXXCmtE9Q%2BpRmBgfLFYIe9FMx%2F3zbLSQ1AxhroUHHGRO9clZ8Ut3ZUqw6gP5kijhsT8q4FIB%2FcnWK9kn4z4ztvxJg5Vg5RwFZU7vGMmZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 01 Oct 2022 23:24:30 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421aaca017c8-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 C4QYWGXFC_1wFp8gGLxQEMx0--k.js Show response
wearedevs.net/cdn-cgi/apps/body/ 4 KB
2 KB 108ms
107ms Script
application/javascript 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearedevs.net/cdn-cgi/apps/body/C4QYWGXFC_1wFp8gGLxQEMx0--k.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/cdn-cgi/apps/head/dM3ipLu7q0SolgbDApkhduCYXKU.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95fb59862594fd3e8eb5f2da37a0af4e8fb53998dbb123908d09291fa1ce0da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/exploits
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2682761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: S69S6SSF4H4WM8VH
x-amz-id-2: 2hpTtmeSCQ9460gS5/miOK+fX0ONqq1j9PzC9RCytjnswB4M3DHN2uWjr55W2YqeE1QQlzg3b/A=
last-modified: Thu, 24 Mar 2022 18:51:28 GMT
server: cloudflare
etag: W/"03d1c4f2f372286cd5e3c5581f2d7d47"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8sKDiQ7wlEvkf05h%2B9pEeY4dA7aEr%2BINzyBSN1%2FApbwGGuD7MRwsPYTiWCIF0PvUZcbNyfXFUiNDTVCWKHvdyRlL5mDCyIpKVjsRXbPQtHmRx0wITVFocUWnXpge4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: _HMzEJ6CeFTROO5EaXVMZP1W.twLzbgW
cf-ray: 745a4219eb8c17c8-MEL

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 1095ms
370ms Stylesheet
text/css 142.251.36.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/css/main.css?v=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f10.1e100.net

Software

ESF /

Resource Hash

63fd3f0683ae21580c80c348d64867b6844ed5459071c5237a814563f811b30a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 22:45:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 22:45:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 22:45:54 GMT

GET
H2 200 youtube.png
cdn.wearedevs.net/images/icons/ 274 B
665 B 190ms
190ms Image
image/webp 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wearedevs.net/images/icons/youtube.png

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68cff194f536c86c2df5e8bff6bb495c173fc721d2b0db7bff36699b28f24a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
vary: Accept
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243899
cf-polished: origFmt=png, origSize=521
content-disposition: inline; filename="youtube.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 274
last-modified: Fri, 24 Dec 2021 20:23:49 GMT
server: cloudflare
etag: "61c62c55-209"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcbWhtVgaGduYktwSXvjJ62ajeh1dXFJe0j4uOh4iFdwTfJWCSRj9MVeYdcVb8YvBmvY4jJGqbHdWTWOnmza5KmZvAQ%2F0%2B%2B7UY3y5vAH%2FZXQy2LgczEYJn9lJgQAuAVOGYuc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 01 Oct 2022 17:43:34 GMT
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 745a421a8fa85a98-MEL
cf-bgj: imgq:100,h2pri

GET
H3 200 download-gray.svg
wearedevs.net/icons/ 659 B
838 B 108ms
107ms Image
image/svg+xml 104.26.6.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wearedevs.net/icons/download-gray.svg

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/css/exploits.css?v=19

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.6.147 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9bfff52aa20f1ae29d2d30b68678e53e31b5dfd1a970a4e8ab345187dc6bcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/css/exploits.css?v=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:54 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Apr 2022 17:37:47 GMT
server: cloudflare
etag: W/"624f216b-293"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkFiaPHqWgDxFcasZwsaKzEsn1KAZp%2Fx0p3zNmNS%2BXhqg%2Fo7iLz1mxjnHTtqtzHNGjqlS2Fyy0G3yv5ncfkryTfL80YSrH%2BB%2BU5RSJAZq6IAzF2Z%2B2Z7EY%2Bc91SXNxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=604800, public
cf-ray: 745a4219eb9117c8-MEL
expires: Thu, 08 Sep 2022 21:49:32 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 522ms
180ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wearedevs.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:11:12 GMT
x-content-type-options: nosniff
age: 9283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 20:11:12 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 539ms
197ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wearedevs.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 22:08:26 GMT
x-content-type-options: nosniff
age: 261449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 22:08:26 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 343 KB
121 KB 553ms
209ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

09596118d42c93c42fa5316416d8900e9b2e048d52ea0ecb05fda0ae5a41474c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123675
x-xss-protection: 0
server: cafe
etag: 15731144930145070590
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 22:45:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame 61D0 10 KB
5 KB 512ms
176ms Document
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9142841210062390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 28035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:58:40 GMT
etag: 8616628553774171045
expires: Sun, 18 Sep 2022 14:58:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 523ms
186ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/cdn-cgi/apps/body/C4QYWGXFC_1wFp8gGLxQEMx0--k.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2d86ae0bd0bf65b25efef6e3dcd79bf7c1969730053c112140c6d2dbb11768e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76201
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
700 B 519ms
183ms Script
text/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wearedevs.net&callback=_gfp_s_&client=ca-pub-9142841210062390&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

495ebccf52ddea943b3fe1d2782faf86633c3bbfd42a5b2d1ba0ecc73e5eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 516ms
179ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=wearedevs.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 22:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 518ms
178ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wearedevs.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 22:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 181ms
181ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwearedevs.net%2Fexploits&tn=DIV&cls=smedias&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B4D 188 KB
48 KB 507ms
506ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&adk=1812271804&adf=3025194257&lmt=1662331555&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwearedevs.net%2Fexploits&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554851&bpp=4&bdt=1241&idt=933&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1186197705814&frm=20&pv=2&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=954

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

9e614768315b09833fe39c863a789f57ed2371d51e7a8ab92b61405c5a7cb166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49189
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 95EE 69 KB
28 KB 547ms
546ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

a72557b76e3e4cc52b2b4be959e4e781fb7c76c773b903b6cc8c3ba21d63b9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 376C 69 KB
28 KB 613ms
613ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

fad60abfc0de5ff2e8e4ef605603712efbc6adb0348e9c391c98a8fd526f161b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BD5 69 KB
28 KB 499ms
499ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2880863494&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554858&bpp=1&bdt=1248&idt=972&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XQrFYIG7qJ&p=https%3A//wearedevs.net&dtd=974

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

25eff4b5ed35c58f15524b7685801c9d62ef0e7b24bbd1ddcbf399b344fc881e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28292
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 482ms
181ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-120895803-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

234d7ed9b95b3b48921af94927fac0b94b2dc4f296b8dc19ea20482d62b8bbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41949
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:56 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
345 B 518ms
177ms Ping
text/plain 142.251.12.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-46VWDGRLXJ&gtm=2oe8v0&_p=698534798&cid=1898563230.1662331556&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662331555&sct=1&seg=0&dl=https%3A%2F%2Fwearedevs.net%2Fexploits&dt=Roblox%20Exploits%20%26%20Hacks%20%26%20Cheats%20-%20WeAreDevs&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-46VWDGRLXJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3A2 69 KB
28 KB 532ms
532ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

b72d1821e82c011c7663488ddc87ccce8b43d4eb07108f65582a18b36e9d9f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28374
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7420 69 KB
28 KB 815ms
815ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

4f651bbea61996d5a1570779eea866f158b8b87513ed8a101c504daa42dedd91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 28148
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:56 GMT
expires: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BD5 0
0 189ms
188ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6w2qoyoVY4XpON3Uz7sPysSB-APz--GTbLn_7LPWEOWP_MIDEAEg5-DuK2ClwKOApAGgAbTOkLEoyAECqQIm0lM8PjUJPqgDAcgDyQSqBNgBT9BgrjlBbsSmiToEDcLUyKzrS-7By4zM6eaFdj57FFFGrtfmgnsla76TCOjwa2GQHkK7f5Xr9v1egRy40WjvepWGku61O7D6HN01Nx9A6R0MQlGHdYIv-B7Oz4KiOWeSHKBB7da6BB040r1XQHMbj6B8SJyB2kLjXfbJeKPtFGqSCo5-9DYWYI9JXCyAF8k4X1-xuEHEut2D1boHYteg3RCaLRpsG06ZUejwXLEAQHIAwZxnvN6Gtq1x7tzQxTpGa9KyDPeT-G0mlca2u71BKbNfnGIrvfg3wAThro-AmASSBQQIBBgBkgUECAUYBKAGAoAHtIbhkAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDQiQjSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTE0Mjg0MTIxMDA2MjM5MBgA&sigh=szvjAJWOQFI&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2880863494&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554858&bpp=1&bdt=1248&idt=972&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XQrFYIG7qJ&p=https%3A//wearedevs.net&dtd=974

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2880863494&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554858&bpp=1&bdt=1248&idt=972&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XQrFYIG7qJ&p=https%3A//wearedevs.net&dtd=974
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:56 GMT

GET
H2 200 14201499553179895618
tpc.googlesyndication.com/simgad/ Frame 6BD5 47 KB
47 KB 998ms
660ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14201499553179895618?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkgX8NznTyriCkUtJW7Dtx5_Kp4cA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

3fe589631dc3f71c4525f8efe0e0d04851698b85ff68a03fa26aba98cf635ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:40:21 GMT
x-content-type-options: nosniff
age: 356735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48118
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 02:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 19:40:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 6BD5 23 KB
10 KB 515ms
177ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6BD5 3 KB
1 KB 1166ms
844ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BD5 142 KB
44 KB 4046ms
3707ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6BD5 17 KB
7 KB 1143ms
822ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 6BD5 32 KB
13 KB 1189ms
868ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
server: cafe
etag: 5582946149198005117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:14:26 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/ 149 KB
53 KB 2195ms
2193ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

60b38712be4052c2bc7e41055dcbbc8dd535300bfd2b0def009a75fb408fb2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54506
x-xss-protection: 0
server: cafe
etag: 690120404396446432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 22:45:58 GMT

GET
H2 200 15795296225107358917
tpc.googlesyndication.com/simgad/ Frame 95EE 33 KB
33 KB 786ms
493ms Image
image/jpeg 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15795296225107358917?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql2JjYOHMa1-t_31dzj8YXRy7aanw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

63603ff08279575003183a9b46fc6a92503417064cca99b618c5458d7348fe88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 17:36:09 GMT
x-content-type-options: nosniff
age: 450587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33714
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 22:18:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Aug 2023 17:36:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 95EE 23 KB
9 KB 653ms
361ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 95EE 3 KB
1 KB 1116ms
842ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 95EE 17 KB
7 KB 1090ms
815ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95EE 142 KB
44 KB 3955ms
3663ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 95EE 32 KB
13 KB 1105ms
831ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
server: cafe
etag: 5582946149198005117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:14:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 478ms
177ms Script
text/javascript 142.251.12.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-120895803-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1853
date: Sun, 04 Sep 2022 22:15:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 05 Sep 2022 00:15:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 95EE 0
0 189ms
188ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClmOWoyoVY5OAOJOKz7sPgbWC4Ajc4viXbNPDrMSGENnZHhABIOfg7itgpcCjgKQBoAG38uf9A8gBAqgDAcgDyQSqBM4BT9DVhN3MxEZYCiM2Hj5UiWH-QMdagiBuNWkGH_0V7gfsHjsXG3M-Y2G5tQCKrEJd-TQPaTuwVsDIdj6E9_4rcDY7Tj_zpW7gYWFobqWgCHfNv7o9iIIGnoqGpMquA3PRmNg1fN9Rr-q3SyDrvk-VmNvrM5Mc6WzOkVUlqIWmwf0I05csMki9sRaFZ93CuQOSOIHVYPYeiJjjm2q_ouC06lb8WSbZeJlN5zrhtWMiZl_G_svuP4-TuIaom4rVF7o9oa4GZUMV6xVjRbRl2PzABKrch5jZA5IFBAgEGAGSBQQIBRgEoAYCgAexjZgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQsIoU0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTkxNDI4NDEyMTAwNjIzOTAYAA&sigh=bKyDlQdQ57E&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:56 GMT

GET
H2 200 18062228460206738981
tpc.googlesyndication.com/simgad/ Frame D3A2 35 KB
35 KB 658ms
386ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18062228460206738981?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql7k7Jee5CArA-9JeuoTnmeMzwawA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

ce3fd5162d9d000a1b98ca4f9fed2faf3880febd0d1130776d7fa09bf66efd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:20:50 GMT
x-content-type-options: nosniff
age: 26706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35944
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 03:38:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 15:20:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame D3A2 23 KB
9 KB 474ms
203ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D3A2 3 KB
1 KB 1134ms
867ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D3A2 17 KB
7 KB 1068ms
801ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3A2 142 KB
44 KB 3803ms
3518ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D3A2 32 KB
13 KB 1121ms
855ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
server: cafe
etag: 5582946149198005117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:14:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3A2 0
0 190ms
190ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTGzZoyoVY4y6OqXv3LUPq6uq-ArTsY2bbM-nieX4EPChlJhDEAEg5-DuK2ClwKOApAGgAbTOkLEoyAECqQIm0lM8PjUJPqgDAcgDyQSqBNIBT9CU5z1R88251fSZScCmGqQdYXt10EY1wNAUvVKjwu3z1ldRYo2CQML4d2sA0o_TLsb1lMEsHBMMlkhu04lxFBEgmuYJSyhgpRA3g5Dr3oLrZFuT1n-M7k7YM-YmrMgg508n2czGAAR7wi-LsEqTppIk6ILJUpHKccSJzVKteDM-iRpM1tvWce8b7h6MiWYMgCxwYCSVl2x580RgG2mAH5qsIUbxhUTbJCWDNACF3Pf5u_hZOsrvomj1MbvRaGg9KF56LY1Zwme6BhchGUGXT7LCwATaxI3klQSSBQQIBBgBkgUECAUYBKAGAoAHtIbhkAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC9lwPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTE0Mjg0MTIxMDA2MjM5MBgA&sigh=iOusYSLc70E&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 376C 0
0 191ms
190ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4EvRoyoVY5CUOOu43LUP5vO-mAzTsY2bbM-nieX4EPChlJhDEAEg5-DuK2ClwKOApAGgAbTOkLEoyAECqQIm0lM8PjUJPqgDAcgDyQSqBNIBT9CC7BOovNB7EPr8h_0u2p9CXhwUd8_KKv6X2cikxORC3ablbIiUwrQHHkJ_XBO4EwB_czn7FaTpxD9NIIPaiq7bxiIFbKmT94dukTJ4i801EE9ln2cOMY98pcDOcLM7UDyR2Qg2sTynNtDMFTvvnToO3SypNOzZstRL49rAfJ1m9ZR6O62zmFbrOm1OCbn1mUwCaKRWvmFpSZJ3NLFmLALQwRs98CNkHJ0xE_udnARYDoeU5uTGnFBN1Ai9it5VBHEq4NApnrXRxA5FqHdCgy6pwATaxI3klQSSBQQIBBgBkgUECAUYBKAGAoAHtIbhkAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDlxwnSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItOTE0Mjg0MTIxMDA2MjM5MBgA&sigh=lmdULzuAr9I&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Sep 2022 22:45:56 GMT

GET
H2 200 18062228460206738981
tpc.googlesyndication.com/simgad/ Frame 376C 35 KB
35 KB 776ms
592ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18062228460206738981?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql7k7Jee5CArA-9JeuoTnmeMzwawA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

ce3fd5162d9d000a1b98ca4f9fed2faf3880febd0d1130776d7fa09bf66efd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:20:50 GMT
x-content-type-options: nosniff
age: 26706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35944
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 03:38:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 04 Sep 2023 15:20:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 376C 23 KB
9 KB 418ms
235ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 376C 3 KB
1 KB 1059ms
879ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 376C 17 KB
7 KB 987ms
808ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 376C 142 KB
44 KB 3284ms
3087ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 376C 32 KB
13 KB 1023ms
845ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
server: cafe
etag: 5582946149198005117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:14:26 GMT

GET
H2 200 14201499553179895618
tpc.googlesyndication.com/simgad/ Frame 7420 47 KB
47 KB 731ms
730ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14201499553179895618?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkgX8NznTyriCkUtJW7Dtx5_Kp4cA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

3fe589631dc3f71c4525f8efe0e0d04851698b85ff68a03fa26aba98cf635ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:40:21 GMT
x-content-type-options: nosniff
age: 356735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48118
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 02:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 19:40:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 7420 23 KB
9 KB 766ms
765ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7420 3 KB
1 KB 885ms
883ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7420 17 KB
8 KB 787ms
785ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7420 142 KB
44 KB 3329ms
3318ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7420 32 KB
13 KB 873ms
872ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
server: cafe
etag: 5582946149198005117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:14:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7420 0
0 191ms
190ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFqgwoyoVY6PNOv-44t4PndCgSPP74ZNsuf_ss9YQ5Y_8wgMQASDn4O4rYKXAo4CkAaABtM6QsSjIAQKpAibSUzw-NQk-qAMByAPJBKoE2AFP0Jh1wCPpAehq1vSb5bBP6KcCKUty7BNVjm55cLByD7vZYjOymOHxWIvKMSLZ0Skk_PSLS5pz71UZzVArXIejuFlkbcTt56RMUcFr2ErLo4IcyKOnwxZ0fQt1_m0nrszuppyHgfWNOwwgIIaQXZGgULhgHqTQ3DSFBatw4wOl-dqbWfFcH0X881DvGVB5VxEmSIBYXjkBjRznMmw7FbeRguUixWF5M-hytp4pMmPD4UrEsKt1Bw03F9KQKsmB-oejhNB6zt_IQptE2iB7dQB1jVkf3BfliZbABOGuj4CYBJIFBAgEGAGSBQQIBRgEoAYCgAe0huGQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN_nA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MTQyODQxMjEwMDYyMzkwGAA&sigh=3qnRDCHj6AI&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 22:45:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 64A1 143 B
163 B 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=2880863494&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554858&bpp=1&bdt=1248&idt=972&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XQrFYIG7qJ&p=https%3A//wearedevs.net&dtd=974
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F76 143 B
163 B 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 181ms
181ms XHR
text/plain 142.251.12.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=698534798&t=pageview&_s=1&dl=https%3A%2F%2Fwearedevs.net%2Fexploits&ul=en-us&de=UTF-8&dt=Roblox%20Exploits%20%26%20Hacks%20%26%20Cheats%20-%20WeAreDevs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=430881588&gjid=888761323&cid=1898563230.1662331556&tid=UA-120895803-1&_gid=1486847142.1662331557&_r=1&gtm=2ou8v0&z=656022252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearedevs.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61CC 143 B
163 B 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1266 143 B
163 B 180ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 64A1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

186ms
185ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
expires: Sun, 04 Sep 2022 22:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8F76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

188ms
187ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
expires: Sun, 04 Sep 2022 22:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
444 B 522ms
180ms XHR
text/plain 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120895803-1&cid=1898563230.1662331556&jid=430881588&gjid=888761323&_gid=1486847142.1662331557&_u=YADAAUAAAAAAAC~&z=815352891

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearedevs.net/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 04 Sep 2022 22:45:57 GMT
content-type: text/plain
access-control-allow-origin: https://wearedevs.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61CC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

184ms
182ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
expires: Sun, 04 Sep 2022 22:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1266
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

190ms
188ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
expires: Sun, 04 Sep 2022 22:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A98F 143 B
163 B 181ms
181ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7420 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6284312b4709bdd67a38240e9a983307f348d72b2b9f39486f4cb22df1062f14

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 376C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfa6909122c2a13b1a5e908dd1644fd7c0a35e51111cfe63a6ea317bcf4b5d5

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D3A2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f9c522e07550626831d7f5af6fd8ec5036276896650cfa04bb002f3e5985c99

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 95EE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0309fa8609050f6251598192af6e51dd2679b76628cf6ca110f9a545067898

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
272 B 486ms
183ms Image
image/gif 74.125.24.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120895803-1&cid=1898563230.1662331556&jid=430881588&_u=YADAAUAAAAAAAC~&z=1653475533

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 526ms
185ms Image
image/gif 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120895803-1&cid=1898563230.1662331556&jid=430881588&_u=YADAAUAAAAAAAC~&z=1653475533

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A98F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

182ms
181ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:58 GMT
expires: Sun, 04 Sep 2022 22:45:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 481ms
179ms Script
application/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=wearedevs.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 22:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 479ms
178ms Script
application/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wearedevs.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://wearedevs.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 22:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/ Frame D044 10 KB
4 KB 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 70867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 03:04:51 GMT
etag: 8616628553774171045
expires: Sun, 18 Sep 2022 03:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/ Frame BE20 10 KB
4 KB 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208300101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearedevs.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 70867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 03:04:51 GMT
etag: 8616628553774171045
expires: Sun, 18 Sep 2022 03:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D044 4 KB
732 B 672ms
370ms Stylesheet
text/css 142.251.36.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f10.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 21:44:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 22:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D044 205 B
744 B 516ms
177ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 13:56:08 GMT
x-content-type-options: nosniff
age: 290991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Sep 2023 13:56:08 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D044 604 B
695 B 517ms
178ms Image
image/png 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:21:03 GMT
x-content-type-options: nosniff
age: 66296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Sep 2023 04:21:03 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame D044 19 KB
8 KB 479ms
176ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 16:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23475
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8311
x-xss-protection: 0
server: cafe
etag: 13410161823615325117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 16:14:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F1E3 624 B
297 B 182ms
181ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCn3-3eAhiourKzATAB&v=APEucNVmdZ0Sp9OLqPfAWdkXNU9pIiADYQFMYG_4QKXJDn8oKEJoDo1d5SdDGfTKWIHwzZBKoqRXc5Bwf8erlC9Gn8BKlCWuFQ

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 69DD 80 KB
33 KB 228ms
228ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuWDUc38DPSlMPkxIOUKUkOZ0fnGODV6SgnMNKU-oRowGw-M1ikSMvEROLkLYLzKJIX9Wz_mfwMmMgx85DPmz1s1c4o8v6SxxNT2mKx-eB-k--JrT2QGx6XATT1uT9HKmwOpNskkg4w8hBv0BZADZdWMQB9Q&dbm_d=AKAmf-AvkJf3L6rMDPg_DxYF1SlJDRZN9Jm2Pnc5O855zEoHbctBBncjfv6kj0AlGZraPojNo5ownH6aRpvyn09GglCkPBggSZJRbwcna_c-2vf8-d5EOE7pbk-QWmFY0q2GhWv8X7rwou3Yv5EmMcAspnv2pN39Z78fbNtPfr7d5K3I5VBtR5V4cxUtdwfuN_Yo8JtlXDR3F2bcH0ZBBjopOsl26iUeYR-Vc2gkxMytbnkoHQpumgfSTegEnHbTaiH04tP7BDgVPkRhkbzAckdv7sCwS4PSG6M16ybb8ylwigWPWfLRb7sD-cDiXqwNPUF6ky4FZji22uKF7zU6TsvaSJhvdMllNXEBtknOGZ5Xp_vC4fSoI9a0y4e1UOJPuF4dLuf9u4ryh5axnDke8g2yrAnpdz2jZhCwOytyfW8f07uzFVxBJ76zBR6CKiGdvOiRten81OOY6BEeG22CcK9jSpK4fWSup1KRc-7feE21RxOSfg7Fo5uEmJd-hDdB3pJlIk_nWjawxs1iRoUMghDwBPf_nsxRt8iwANBBFiyeIKmJfOxZ92iKpfSXIH5w7LxeylY0Ch5JMRi7sTUIoooPYx0OaYIT2KHgH1UzYSgL683sxHOODWZEmeX5_YCee-WzshVzWBgWjshOVxaPPO6faKj-Zsix-UsaGyjdxg0WY6YVGaezTbDPqGPH03QN7Dpje3waiJkhBgc7UwpHXHXz9cnaAJFNr_-aLMx_Qun3FgotvBnQH7LerHh_a3xz-BUIwKhWCK2ysyOrULyx3e7eWCMdBhijqoMkn9hmC-trGPEsBeM3eg21fhy30Nu83BkRCibF7oioT_7iBEvUq-r4aqiLLzcK3cMUb3GnGcysF0Px_PDzzrC4MlsVm1PCwcs4lKoiVfkpXCOPUCVSgNzuRvfBwkn_r3jmmiBQ-caxhaGCu0qmkp0beFBPHtQTo3ReIy1aQIaMjRKFCkAHwbl7koi10o79ZWof_q7fw5nnQcu1vr-J2M_0W-2b0W5pVnnxHTOh1H7gvfpFemCPVAigt0Bch_qu-Z-Nb2c7AwXbGf9AaxHfPJUKq2uSwebZLqV1jDg7-zofWtJHcrEq1MYQGYJVx9g1rwdR-WQAs8yXUdKgtG2MrsgzuaI3nCuHM12ClaAnDko5WNeFLs3H_q4O1iA8l6068n_7_Q5GZUCLuF_eH4Ti6deT6fDvsI7YAw3Bo7vz9VLuoTEyX0iQA2zfFb7mcqlkYSSzdbv2SHuSPrUTPtedPDxL-sndAxJCborUICYejqlZX5PVIYn4iaXEU5Mne8TDb-63TOqzB1yZNKAZ0d84yZnDaCbn-a3LFwN1Wkmo_JcD7HUHgt0mY2FBFcN5jlE7Xg74ra7m8_4t4ny8frTy3SBea6tTNhlwJ66w_-R9dtVL7q2LoMhPj4krKdB2MkPXXKO424el7W7laNezxS_Eb3c3FAWxn6bnKWP_MuRuCMJ5NFqXYiKlWOfiS-n9kGLlZKSrR2yB-d5lxY19oUfsF8lMd-u2ySO2hr5bf0wFW8sEgfYdV6VKAhNuH30ljeNDIwxBBoqkqkYliPXqCmkDzmaf7IXkiecVigEiEc0-eg8YfgLHuWUtRF68xyJS35tBiPhnqCWFVwvKiIE5YXpeJNgUtDNV5h4mlQAJz9M6RTFFrnMfcH6Cqvm8RimPGnck0VXUtk0qVCGqbZTv7Q-0--OWrbmXT_D9D8TOcEBP_N5qmZ2S_3rPU1srHLu_Pg8GYRnXhKqBmFXFDzUJo7mIbDbC_syqvNAYvcqoMJwSnQELReVouo-dNwQNRDrZ09zV6hVftlerT09LI8SbZUxGvy5vdah1IbwxqwNCxRPHCRHUW2AIWJGVsowo7iJQVr_nrRfpcW--4GYNJZ6212htfcqYUjXmOUZhODAkgbxK5xW8sdF7lkYPLsKXCfUiu-NwzPSqhU6QOCO5WbZFbgMFEOpSZQTfI_7Bn4XWIBXaP-oWEk7Ol0rOpqRe-kKbZ4eOlMdY3C_Zq-LLn_Im2Z4c8GxWsrFhs295YWzo5kkQJnSsf6UnoSfbdPx9a7v6wFvDfoL-wjkUtETmIxujL7a6OMfzson0YVTixwfsBcKjyU78sbqUV_lceBhJqSBibyuHcxGqfj06q_4JsLtZYpwHuCq8TgSHP52BkK75HuWlDElTw5nvxtCjdfstvWPgvAp9cTVlh3YCAICHKOfBgbmbcNM30fW-5lvJCWtKHxIHjol93rZK-3DFqkBgzP0lk56fTrhTcx4RpI-1F11Jm2mgsyp3nU3I479bWU_uXlsuFQ57lApT0danMqA9RGkxwLlRgwG4J7u3rBtDXdT7iaNK3IkditK7KFKfexjtG9xqfNjYr7ANC8vwyQl7ZkRxhn4aAVefh4CfauesrVLrv5pWP4YLLVPujjTGCX2axxyOzMwX36UUxqZ0DadyQ2iXvdA8PMf5qF4lvcz_PuAQ244WG4oa-LgM8GRlrbcJfHhd7fDERvD38PD2q2EVWx8m_OYgAYUOiNdV7o6x3Zz0XJ1yap4YsnA5Aw7FY-KFXlC2wRbmxpcleQEL5R6HIrQ-MJCMA7w3Zqzqazcal1LMMB_PZ2WpUJgLpYNP1dnXu8wB_P41kKy_0-FcRHRo83qQV5wS0icbS9K-hbTMZlp7JSQAOpd-fVIzWGTOp7KvuWJ-iJjVJh-XkQ59cIyQmU-7vADq8IoL0SzLZWfu4KnH22N9QFOyjua0SFQI3yDBTfKsJc4mlgLX42pM_Qokm1IzNynKrQ8jyKdvBb9J3iOSA-99i7n5iPWRvkVfvqZyIB1whyXJCKf1GQE7V9KsBFzpx5crOD4GGw0bpOEw-oXtt9avaN9ts1xNe3E2mXtK8mVrvgzVTYGPmo_L8pHPYfDeld9TdYCaSoU7JJZiVSm38f-Le6KqHpUp9G4o48gzJHjyD-SivGMAoml6D_X9ymBWUG8uww&cid=CAASBORokiU&rfl=2%2Chttps%253A%252F%252Fwearedevs.net%252F%240

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

20842146d4c30d0b6ef1a121c1297f484dae0b22466baf437d11131b97507bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 69DD 3 KB
1 KB 480ms
179ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 69DD 17 KB
7 KB 477ms
176ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69DD 142 KB
44 KB 1495ms
1495ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69DD 42 B
63 B 181ms
180ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVtZrY-YdprAhmM4sOvpfsycq8nwlbZnQAj0fcVBoxrCIBL1VCoujNuVFUzF3XXVezKHvTPVDqXy1ZKobhwBWyvd_xHrhE8jz5HfukYJZ-Gi5kZFI

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F1E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1

43 B
844 B

237ms
236ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCn3-3eAhiourKzATAB&v=APEucNVmdZ0Sp9OLqPfAWdkXNU9pIiADYQFMYG_4QKXJDn8oKEJoDo1d5SdDGfTKWIHwzZBKoqRXc5Bwf8erlC9Gn8BKlCWuFQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 745a423ae89a17cd-MEL
pragma: no-cache
date: Sun, 04 Sep 2022 22:46:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSTyy1GupyZcGr9g28xujXGR0L5p2sjR7dMGVgf69eRjKa0WAfMVZ%2FxqCYl5Lgd4PZuXRLebn9kLbwxn%2BKFmjwTqw1F6p%2FB8wziWnq0wLPmdsBD7l8q3u7%2BcMbcdL4IzywiJBDGnupeMXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F1E3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxUqp8kJd0CkhJ.Ra0jLegAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1&google_hm=2

43 B
847 B

224ms
224ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCn3-3eAhiourKzATAB&v=APEucNVmdZ0Sp9OLqPfAWdkXNU9pIiADYQFMYG_4QKXJDn8oKEJoDo1d5SdDGfTKWIHwzZBKoqRXc5Bwf8erlC9Gn8BKlCWuFQ
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 745a423b28f117cd-MEL
pragma: no-cache
date: Sun, 04 Sep 2022 22:46:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO0MLtMA9A%2Be6cw17G6bcD%2FyU0ucZLsqsufqMIiDAwv9Db7SwYQZB5Lgsilh%2BJZYkkpukphodXR1x%2Bed4sIlzI4Qje8rdVgvNQdESuAxfnjfMf0Ak3v1EceF5F2k%2BCyd%2B%2B0qNNX0kJEOKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELKZykpSE-DYfkc3yKZEgCQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F1E3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHb13peI3yeHfVI4C29Ds40&google_cver=1

43 B
1017 B

235ms
234ms

Image
image/gif

104.254.150.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHb13peI3yeHfVI4C29Ds40&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCn3-3eAhiourKzATAB&v=APEucNVmdZ0Sp9OLqPfAWdkXNU9pIiADYQFMYG_4QKXJDn8oKEJoDo1d5SdDGfTKWIHwzZBKoqRXc5Bwf8erlC9Gn8BKlCWuFQ

Protocol

HTTP/1.1

Server

104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 22:46:00 GMT
X-Proxy-Origin: 103.209.254.59; 103.209.254.59; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d731edd0-ebe2-4664-865f-06662d119292
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:45:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHb13peI3yeHfVI4C29Ds40&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F1E3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NTU3NDE2NTEzMTY1OTE2

170 B
243 B

373ms
373ms

Image
image/png

142.251.37.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NTU3NDE2NTEzMTY1OTE2

Requested by

Protocol

Server

142.251.37.98 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:46:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 22:45:59 GMT
X-Proxy-Origin: 103.209.254.59; 103.209.254.59; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9b49aa37-377a-4a79-af2b-3e94ea3190fc
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3NTU3NDE2NTEzMTY1OTE2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 69DD 170 KB
59 KB 526ms
181ms Script
text/javascript 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:59:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Sep 2022 09:59:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 69DD 8 KB
3 KB 180ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuWDUc38DPSlMPkxIOUKUkOZ0fnGODV6SgnMNKU-oRowGw-M1ikSMvEROLkLYLzKJIX9Wz_mfwMmMgx85DPmz1s1c4o8v6SxxNT2mKx-eB-k--JrT2QGx6XATT1uT9HKmwOpNskkg4w8hBv0BZADZdWMQB9Q&dbm_d=AKAmf-AvkJf3L6rMDPg_DxYF1SlJDRZN9Jm2Pnc5O855zEoHbctBBncjfv6kj0AlGZraPojNo5ownH6aRpvyn09GglCkPBggSZJRbwcna_c-2vf8-d5EOE7pbk-QWmFY0q2GhWv8X7rwou3Yv5EmMcAspnv2pN39Z78fbNtPfr7d5K3I5VBtR5V4cxUtdwfuN_Yo8JtlXDR3F2bcH0ZBBjopOsl26iUeYR-Vc2gkxMytbnkoHQpumgfSTegEnHbTaiH04tP7BDgVPkRhkbzAckdv7sCwS4PSG6M16ybb8ylwigWPWfLRb7sD-cDiXqwNPUF6ky4FZji22uKF7zU6TsvaSJhvdMllNXEBtknOGZ5Xp_vC4fSoI9a0y4e1UOJPuF4dLuf9u4ryh5axnDke8g2yrAnpdz2jZhCwOytyfW8f07uzFVxBJ76zBR6CKiGdvOiRten81OOY6BEeG22CcK9jSpK4fWSup1KRc-7feE21RxOSfg7Fo5uEmJd-hDdB3pJlIk_nWjawxs1iRoUMghDwBPf_nsxRt8iwANBBFiyeIKmJfOxZ92iKpfSXIH5w7LxeylY0Ch5JMRi7sTUIoooPYx0OaYIT2KHgH1UzYSgL683sxHOODWZEmeX5_YCee-WzshVzWBgWjshOVxaPPO6faKj-Zsix-UsaGyjdxg0WY6YVGaezTbDPqGPH03QN7Dpje3waiJkhBgc7UwpHXHXz9cnaAJFNr_-aLMx_Qun3FgotvBnQH7LerHh_a3xz-BUIwKhWCK2ysyOrULyx3e7eWCMdBhijqoMkn9hmC-trGPEsBeM3eg21fhy30Nu83BkRCibF7oioT_7iBEvUq-r4aqiLLzcK3cMUb3GnGcysF0Px_PDzzrC4MlsVm1PCwcs4lKoiVfkpXCOPUCVSgNzuRvfBwkn_r3jmmiBQ-caxhaGCu0qmkp0beFBPHtQTo3ReIy1aQIaMjRKFCkAHwbl7koi10o79ZWof_q7fw5nnQcu1vr-J2M_0W-2b0W5pVnnxHTOh1H7gvfpFemCPVAigt0Bch_qu-Z-Nb2c7AwXbGf9AaxHfPJUKq2uSwebZLqV1jDg7-zofWtJHcrEq1MYQGYJVx9g1rwdR-WQAs8yXUdKgtG2MrsgzuaI3nCuHM12ClaAnDko5WNeFLs3H_q4O1iA8l6068n_7_Q5GZUCLuF_eH4Ti6deT6fDvsI7YAw3Bo7vz9VLuoTEyX0iQA2zfFb7mcqlkYSSzdbv2SHuSPrUTPtedPDxL-sndAxJCborUICYejqlZX5PVIYn4iaXEU5Mne8TDb-63TOqzB1yZNKAZ0d84yZnDaCbn-a3LFwN1Wkmo_JcD7HUHgt0mY2FBFcN5jlE7Xg74ra7m8_4t4ny8frTy3SBea6tTNhlwJ66w_-R9dtVL7q2LoMhPj4krKdB2MkPXXKO424el7W7laNezxS_Eb3c3FAWxn6bnKWP_MuRuCMJ5NFqXYiKlWOfiS-n9kGLlZKSrR2yB-d5lxY19oUfsF8lMd-u2ySO2hr5bf0wFW8sEgfYdV6VKAhNuH30ljeNDIwxBBoqkqkYliPXqCmkDzmaf7IXkiecVigEiEc0-eg8YfgLHuWUtRF68xyJS35tBiPhnqCWFVwvKiIE5YXpeJNgUtDNV5h4mlQAJz9M6RTFFrnMfcH6Cqvm8RimPGnck0VXUtk0qVCGqbZTv7Q-0--OWrbmXT_D9D8TOcEBP_N5qmZ2S_3rPU1srHLu_Pg8GYRnXhKqBmFXFDzUJo7mIbDbC_syqvNAYvcqoMJwSnQELReVouo-dNwQNRDrZ09zV6hVftlerT09LI8SbZUxGvy5vdah1IbwxqwNCxRPHCRHUW2AIWJGVsowo7iJQVr_nrRfpcW--4GYNJZ6212htfcqYUjXmOUZhODAkgbxK5xW8sdF7lkYPLsKXCfUiu-NwzPSqhU6QOCO5WbZFbgMFEOpSZQTfI_7Bn4XWIBXaP-oWEk7Ol0rOpqRe-kKbZ4eOlMdY3C_Zq-LLn_Im2Z4c8GxWsrFhs295YWzo5kkQJnSsf6UnoSfbdPx9a7v6wFvDfoL-wjkUtETmIxujL7a6OMfzson0YVTixwfsBcKjyU78sbqUV_lceBhJqSBibyuHcxGqfj06q_4JsLtZYpwHuCq8TgSHP52BkK75HuWlDElTw5nvxtCjdfstvWPgvAp9cTVlh3YCAICHKOfBgbmbcNM30fW-5lvJCWtKHxIHjol93rZK-3DFqkBgzP0lk56fTrhTcx4RpI-1F11Jm2mgsyp3nU3I479bWU_uXlsuFQ57lApT0danMqA9RGkxwLlRgwG4J7u3rBtDXdT7iaNK3IkditK7KFKfexjtG9xqfNjYr7ANC8vwyQl7ZkRxhn4aAVefh4CfauesrVLrv5pWP4YLLVPujjTGCX2axxyOzMwX36UUxqZ0DadyQ2iXvdA8PMf5qF4lvcz_PuAQ244WG4oa-LgM8GRlrbcJfHhd7fDERvD38PD2q2EVWx8m_OYgAYUOiNdV7o6x3Zz0XJ1yap4YsnA5Aw7FY-KFXlC2wRbmxpcleQEL5R6HIrQ-MJCMA7w3Zqzqazcal1LMMB_PZ2WpUJgLpYNP1dnXu8wB_P41kKy_0-FcRHRo83qQV5wS0icbS9K-hbTMZlp7JSQAOpd-fVIzWGTOp7KvuWJ-iJjVJh-XkQ59cIyQmU-7vADq8IoL0SzLZWfu4KnH22N9QFOyjua0SFQI3yDBTfKsJc4mlgLX42pM_Qokm1IzNynKrQ8jyKdvBb9J3iOSA-99i7n5iPWRvkVfvqZyIB1whyXJCKf1GQE7V9KsBFzpx5crOD4GGw0bpOEw-oXtt9avaN9ts1xNe3E2mXtK8mVrvgzVTYGPmo_L8pHPYfDeld9TdYCaSoU7JJZiVSm38f-Le6KqHpUp9G4o48gzJHjyD-SivGMAoml6D_X9ymBWUG8uww&cid=CAASBORokiU&rfl=2%2Chttps%253A%252F%252Fwearedevs.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:38:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 69DD 30 KB
12 KB 179ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:43:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:43:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 69DD 41 KB
15 KB 179ms
179ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 22:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Sep 2023 22:00:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 805C 8 KB
893 B 374ms
374ms Stylesheet
text/css 142.251.36.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f10.1e100.net

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 21:33:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 22:45:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 805C 2 KB
902 B 179ms
179ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 17:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 17:15:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 805C 23 KB
9 KB 180ms
179ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:32:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 22:32:19 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 805C 3 KB
1 KB 243ms
243ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 20:24:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 20:24:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 805C 17 KB
7 KB 183ms
182ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16411
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 18:12:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 805C 142 KB
44 KB 624ms
623ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 22:45:59 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 805C 33 KB
14 KB 487ms
186ms Script
text/javascript 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 21:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 21:46:48 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2841 22 KB
8 KB 184ms
183ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 236618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 05:02:21 GMT
expires: Sat, 02 Sep 2023 05:02:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B33 143 B
163 B 179ms
179ms Document
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 22:01:06 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2841 36 KB
16 KB 179ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B33
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
23 B

182ms
181ms

Document
text/html

74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:46:00 GMT
expires: Sun, 04 Sep 2022 22:46:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:45:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/3657055938533130240/ Frame 5438 5 KB
2 KB 693ms
181ms Document
text/html 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

2877d1d64d538beff1cfe396d920ca024a16d22be14e7a9fb93dd1995d52cb2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2102
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 22:46:00 GMT
expires: Mon, 04 Sep 2023 22:46:00 GMT
last-modified: Wed, 08 Sep 2021 02:56:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 69DD 0
436 B 570ms
567ms Ping
image/gif 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgcxGOiabdb6NgExWLrR10rv0L8AM7MaqrXA0ZnM9TlIKp5vc-JuPzXryOZMQ0SuNSxceHN7iLgAhH9CPOqgq8mUndWwa_S1oS6x5ibAFOFXYJBPyQi90Bv_SWogAiwZbtNa9Gbh7rsSBwFqsIbosRjjb-7Xmjim5jiYNtsynRtZo3PK01nSOvtjZhLbQbslDdT8-qzDysxeOjoQmEM-BrPeARb66GeGLhulKrp_seT2xjNq79rDQbVDmcTceuuOB7DKBK8uFFE0GQC8vITugmwGcova4lqyT-pGXrhn-tw3l5o9sDIVKETg9TDi8aRByTmSMerWIuAgQNBl55Oqv243ib8Zd-w310FnVKWuRW0MPK66sEd_hXrhGuMOiJIveRDMhcK3vSY9lsb2YTZV6Sx-6OZ3RCJWzfjCY1-4qO-ADrWNy7NO2mIse7A6O_2miHeDsNX4DHlT3G9c_bf4pQw9ZzT8BhuBks9AlKhENlYZutX_GvVUMY_YdfRlVGroFWyJzs5r23D0aNBgOBevNSvzB4dFwo8pT3uw7E_xjpJz3Apgd4MwRv5gslwHIr-xBx2i-eOYoBcfR5dkJUu4tivqqLA3FKZ-lBkxTD3ExhXgmpKO97s4xhu7zQzvpTImnIaKidJdp5OZQrvfO3uF2rYUvQks6zKRs88mjPporZs9RGMV7aubXSHDH8ImEcXEdPnChiQX25hwjTJS60Mh-CqbT6lCq_USgVTtY0UkSoBcTmsgStFgL9R5ywIyrCucl8i9kSsrAuE6UU6k6Cwf2yzX0Dw3qJfsCgwHkxLaVV_1sX-dGj-NBKpqGxqSMvDFbYsmR-agJsqULVjWrt60zoUOdkZzeFHgtOqHHXwWPOIoOrS6utciDDzHLx5ws1uZq-IkM_UB3ef4OMmM3X8aezLxG9vwJN1OrXuOiv93ej4ESKrOSscnx2vd-t__H8ogWPdIF-HA8eB1Ox5fDxZWqHKX6fU4HA4D8ktP0NcpZu_ZYOCv7NMUrTsYOsNTrRjB7JTMZRF6BBWyjLLDPk9kjZ8O_lHDHBkFAxJapL9Ud9wY9_c5FeqqeHuJZYGty2uWwq-huWrK4wADGw4dcDL7x_ubaLPvRJl0hyTJKgT3LW9riWgjScPdUWTUzRLrf3CPxFku0nTmRo7p2EozGbDkJ82Fjg6bz6sCdc5CY2cfk&sai=AMfl-YR6fg7WdBYeA3g5OlLKd7kJ2M_kNu9UaF4rSQBuj_AaqvUA3r_mEpzIEFWONN_ShL90FQR6BCqR8SPx6EYOnU6KehH7-ValZmFA98pwlIaLIKXIusrg3Lvp2kncCy36j9Ul&sig=Cg0ArKJSzJle6-XFNNQZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=829&cbvp=1&cstd=823&cisv=r20220831.74861&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 22:45:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2841 0
28 B 183ms
183ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_w8-pioVY7KsN6yH9fwP4duw8AQAAAAAOAHgBAI&bg=!7e6l7qrNAAZTikH4c4o7ACkAdvg8Wreh3NWZifRpdaQ6N1PqH6PCUjHWSK8boeJkSuQwUwin2_d4qwIAAABUUgAAAARoAQeZAwYPdJxm4etnU0hg9TW6WUzDZMAAFeW1gxeN8bRtuGGI1uWMsSHypGBsX9xQU8BP_a9zFQfGU7Eqjp9bAnKr-1Uf9ujMFQHxz4EVMf190w_jQWolsZTvqXspQbC3XUvLDNCBirLgh0gjZ1-dpGWOeM70NT2F1XAVkfoEy-EjEhOsx8NukUAFbi9D9HURFpo8aYN3HTc214d4JR2_zqwn2sa1U69qmbl3ZPMA3YyvlijUnyCVksdgSZz_TGIUjvD4qOypNCBEECs46H0fBWqFe_rl3Sj54a2dUqAIc7KBftTIt-GOlNDl_YE5Kg_SA3WfijBZspxrB3UAKO62ykqBFpRRIKaZ5iLyUHjGvjTtnX232cRyNcelX1_viHcWen8PEWp55F17XM56VXwxFIPIsJJXWgCitbQyJ4e5NNrCoAXA7G3-AEuWAUumw7c0Xd5_UgI57u21Gg0fU4hS7Prc2VmKW0mnyuj0swYS0uAkkcF3hwfYM9PPdGDkDUJhZfxk8wCcuWyjF5B2vEr6hHvUr1CiYUm8EQ6FEbTiwAFaSQ4lLD0sMVSltCaql7RTAR14nFPDUlvJmKM6aeBipEF5Q3r_uCg_zYpTnUsMtI35gG87Lv7cx2duGuBd9_57AZFoqRTHeNytAy9RwRBOnU8qX5vQDZ1CAne5KAd5EBPDhwNENshIRBY2Ti6OerVTkNOzv8TVrDK7CIxCRleG10UtRLthhSk_GPnkPmPMNOqNtw7IC0PtzN9ZueNg-7b-CjgO2DiKQSw__fOfT0CjMcEw-BHUM_r7mAuRNGTrQllgy6IWqcP0OLG_cvYp48AdEhNDuIIDiS6XkgcELGUnusL1uqv1xmuuidYxHB4J1ZSrone5Chsb_Zeesok3iHXGPbaVik-6eWVlYWbCcx1f7tSe56czHcrJ5Xcanfl6ELjuCRlPNnho-TrYJ2I_lbP2YBwIdD4YwfNgv5zpX6l0WBSN6F_npV3P_oGKlZiVVZYS5U7UXMWeIbFJhjaov3U_9tAKmYTjqCvxf4E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 22:46:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EE1 36 KB
16 KB 179ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=3151132953&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554857&bpp=1&bdt=1247&idt=962&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=314&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=foDhyLcjKi&p=https%3A//wearedevs.net&dtd=965

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame ECA2 36 KB
16 KB 179ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=401570655&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554888&bpp=1&bdt=1278&idt=970&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1648&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AeDnNYPOC1&p=https%3A//wearedevs.net&dtd=973

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame EA91 36 KB
16 KB 180ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: wearedevs.net
URL: https://wearedevs.net/exploits

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame D719 36 KB
16 KB 180ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=1994834710&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554885&bpp=3&bdt=1274&idt=968&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250%2C300x250&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=1386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=qGHHrfHGBx&p=https%3A//wearedevs.net&dtd=971

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
DATA 200
OK truncated
/ Frame 6BD5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6da28d4ed0ee457a2fd4ff1144e8ba11465f1eda1ca3309cec73deaa4e0536d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 38A3 36 KB
16 KB 180ms
179ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9142841210062390&output=html&h=250&slotname=3739798263&adk=857477039&adf=4272225274&pi=t.ma~as.3739798263&w=300&lmt=1662331555&psa=0&format=300x250&url=https%3A%2F%2Fwearedevs.net%2Fexploits&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662331554855&bpp=2&bdt=1245&idt=956&shv=r20220831&mjsv=m202208300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1186197705814&frm=20&pv=1&ga_vid=1898563230.1662331556&ga_sid=1662331556&ga_hid=698534798&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1288&ady=52&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069206%2C44771547&oid=2&pvsid=981218885085082&tmod=996171503&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=c09KmsTcPs&p=https%3A//wearedevs.net&dtd=962

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CA8 36 KB
16 KB 182ms
181ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 20:29:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 20:29:52 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 5438 109 KB
37 KB 182ms
180ms Script
text/javascript 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 10:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Sep 2022 10:46:22 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5438 186 KB
48 KB 316ms
315ms Script
text/javascript 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 22:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 22:46:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5438 2 KB
528 B 374ms
373ms Stylesheet
text/css 142.251.36.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:700&subset=latin

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s11-in-f10.1e100.net

Software

ESF /

Resource Hash

5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 22:19:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 22:46:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 22:46:00 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/3657055938533130240/ Frame 5438 22 KB
6 KB 250ms
248ms Script
application/x-javascript 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.js?1596604532757

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

212dfbe89adfecf6e63ad8e64ece1e81cf59d773a4834b2eb840c3e8bfefce48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3657055938533130240/728x90.html?e=69&leftOffset=0&topOffset=0&c=0NIJsFn0Uh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 02:56:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Sep 2023 09:12:47 GMT

GET sodar
pagead2.googlesyndication.com/getconfig/ Frame 5438 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 376C 0
0

POST view
googleads4.g.doubleclick.net/pcs/ Frame 69DD 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

GET JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 5438 0
0

GET 34119602_20200518190613194_1x1.png
s0.2mdn.net/ads/richmedia/studio/34119602/ Frame 5438 0
0

GET 34119602_20200519035843466_logo.png
s0.2mdn.net/ads/richmedia/studio/34119602/ Frame 5438 0
0

GET file.mp4
gcdn.2mdn.net/videoplayback/id/d673d8d42ea34413/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,sour... Frame 5438 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj2JEFA9Bwc9ktfJurng1Ut6Hdm-RFQy_8ZrIzL299fG2tqCgzepmyJZyOPaqK5FRsZaO3ZYFQNoF7eUDP3yyT6IfI1W2b3ADhLB7v546kYgFfThojOAYIAXUzp7pb6Gwld-U&sai=AMfl-YQpS9W9HgkaqBn742qAD-mlo3dAShrCQID_VVjbgAh9b753d3sb1XTtrSpfLF_x0S2o_3kR5-5XlJY1&sig=Cg0ArKJSzJN4-B36rE6KEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=857477039&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662331555823&rpt=4228&met=mue&wmsd=0

Domain: googleads4.g.doubleclick.net
URL: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgcxGOiabdb6NgExWLrR10rv0L8AM7MaqrXA0ZnM9TlIKp5vc-JuPzXryOZMQ0SuNSxceHN7iLgAhH9CPOqgq8mUndWwa_S1oS6x5ibAFOFXYJBPyQi90Bv_SWogAiwZbtNa9Gbh7rsSBwFqsIbosRjjb-7Xmjim5jiYNtsynRtZo3PK01nSOvtjZhLbQbslDdT8-qzDysxeOjoQmEM-BrPeARb66GeGLhulKrp_seT2xjNq79rDQbVDmcTceuuOB7DKBK8uFFE0GQC8vITugmwGcova4lqyT-pGXrhn-tw3l5o9sDIVKETg9TDi8aRByTmSMerWIuAgQNBl55Oqv243ib8Zd-w310FnVKWuRW0MPK66sEd_hXrhGuMOiJIveRDMhcK3vSY9lsb2YTZV6Sx-6OZ3RCJWzfjCY1-4qO-ADrWNy7NO2mIse7A6O_2miHeDsNX4DHlT3G9c_bf4pQw9ZzT8BhuBks9AlKhENlYZutX_GvVUMY_YdfRlVGroFWyJzs5r23D0aNBgOBevNSvzB4dFwo8pT3uw7E_xjpJz3Apgd4MwRv5gslwHIr-xBx2i-eOYoBcfR5dkJUu4tivqqLA3FKZ-lBkxTD3ExhXgmpKO97s4xhu7zQzvpTImnIaKidJdp5OZQrvfO3uF2rYUvQks6zKRs88mjPporZs9RGMV7aubXSHDH8ImEcXEdPnChiQX25hwjTJS60Mh-CqbT6lCq_USgVTtY0UkSoBcTmsgStFgL9R5ywIyrCucl8i9kSsrAuE6UU6k6Cwf2yzX0Dw3qJfsCgwHkxLaVV_1sX-dGj-NBKpqGxqSMvDFbYsmR-agJsqULVjWrt60zoUOdkZzeFHgtOqHHXwWPOIoOrS6utciDDzHLx5ws1uZq-IkM_UB3ef4OMmM3X8aezLxG9vwJN1OrXuOiv93ej4ESKrOSscnx2vd-t__H8ogWPdIF-HA8eB1Ox5fDxZWqHKX6fU4HA4D8ktP0NcpZu_ZYOCv7NMUrTsYOsNTrRjB7JTMZRF6BBWyjLLDPk9kjZ8O_lHDHBkFAxJapL9Ud9wY9_c5FeqqeHuJZYGty2uWwq-huWrK4wADGw4dcDL7x_ubaLPvRJl0hyTJKgT3LW9riWgjScPdUWTUzRLrf3CPxFku0nTmRo7p2EozGbDkJ82Fjg6bz6sCdc5CY2cfk&sai=AMfl-YR6fg7WdBYeA3g5OlLKd7kJ2M_kNu9UaF4rSQBuj_AaqvUA3r_mEpzIEFWONN_ShL90FQR6BCqR8SPx6EYOnU6KehH7-ValZmFA98pwlIaLIKXIusrg3Lvp2kncCy36j9Ul&sig=Cg0ArKJSzJle6-XFNNQZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2045&vt=11&dtpt=1216&dett=3&cstd=823&cisv=r20220831.74861&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/34119602/34119602_20200518190613194_1x1.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/34119602/34119602_20200519035843466_logo.png

Domain: gcdn.2mdn.net
URL: https://gcdn.2mdn.net/videoplayback/id/d673d8d42ea34413/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,source,requiressl,ratebypass,mime/signature/69EFC1B9160D956C21E55765B11A56F2557E6D4E.3DA7776DA522A18E93D8F377D922EBDE7D77DC66/key/ck2/file/file.mp4

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wearedevs.net/	1970-01-20 15:21:31	Name: _ga_46VWDGRLXJ Value: GS1.1.1662331555.1.0.1662331555.0.0.0
.wearedevs.net/	1970-01-20 15:07:07	Name: __gads Value: ID=314140ec4c541be3-22a3aa442dd600d7:T=1662331556:RT=1662331556:S=ALNI_MYQ0TMnWRXyY0RLVSz8P3Flihwppg
.wearedevs.net/	1970-01-20 15:07:07	Name: __gpi Value: UID=0000097672570b53:T=1662331556:RT=1662331556:S=ALNI_MbkC1H2l0vzK8cvPgJVZXdKxfnQOg
.doubleclick.net/	1970-01-20 15:21:31	Name: IDE Value: AHWqTUnXCXu5u2MxlhFu26XaBk9bxD4TgetEN0TwJEMT6m8-3oVP01uAA2PhLFiBz0I
.wearedevs.net/	1970-01-20 15:21:31	Name: _ga Value: GA1.2.1898563230.1662331556
.wearedevs.net/	1970-01-20 05:46:57	Name: _gid Value: GA1.2.1486847142.1662331557
.wearedevs.net/	1970-01-20 05:45:31	Name: _gat_gtag_UA_120895803_1 Value: 1
.doubleclick.net/	1970-01-20 05:45:35	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 14:31:07	Name: CMID Value: YxUqp8kJd0CkhJ.Ra0jLegAA
.casalemedia.com/	1970-01-20 07:55:07	Name: CMPS Value: 4735
.casalemedia.com/	1970-01-20 07:55:07	Name: CMPRO Value: 4735
.adnxs.com/	1970-01-20 07:55:07	Name: uuid2 Value: 247557416513165916
.casalemedia.com/	1970-01-20 07:55:07	Name: CMTS Value: 5314

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
cdn.wearedevs.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
wearedevs.net
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
fonts.gstatic.com
gcdn.2mdn.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
104.18.18.126
104.254.150.241
104.26.6.147
142.251.10.156
142.251.10.97
142.251.12.100
142.251.12.154
142.251.36.106
142.251.37.98
172.217.194.132
74.125.200.156
74.125.200.94
74.125.24.105
74.125.24.149
74.125.24.154
74.125.24.155
74.125.24.156
74.125.24.94
74.125.68.156
009fd48f2a94c98298bb182abc95b44e1706ef5250f5969e1bd036d0232119ef
01d3085494dcd64b51dedcb5cd05820361e0b70dec19cae02d1f2e17c9e8eb41
09596118d42c93c42fa5316416d8900e9b2e048d52ea0ecb05fda0ae5a41474c
09bd774a25170dcd08e541944ea6fb510431464dc9552674419440856029654f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
11f4087d0ecf574c744e0003cbe20b2664db57df8111bfaefa5cfd89c95bb535
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20842146d4c30d0b6ef1a121c1297f484dae0b22466baf437d11131b97507bb6
212dfbe89adfecf6e63ad8e64ece1e81cf59d773a4834b2eb840c3e8bfefce48
234d7ed9b95b3b48921af94927fac0b94b2dc4f296b8dc19ea20482d62b8bbfd
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
25eff4b5ed35c58f15524b7685801c9d62ef0e7b24bbd1ddcbf399b344fc881e
2877d1d64d538beff1cfe396d920ca024a16d22be14e7a9fb93dd1995d52cb2a
2d86ae0bd0bf65b25efef6e3dcd79bf7c1969730053c112140c6d2dbb11768e8
2e717d253c592b0e237f2377438de9ceec0b5514f793b5eb3a9789b189845caa
34395ea8ee1719e85412f7cad28bb93e8c22eebcdc7b74331e014efd7eaf5f30
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
3619c1468e207e66ec8d47fc1a4776c27a20f383cf28f5650f594a026f12da79
39b12ec37d9c7b9aff1abca242ea2925ae185eeb18aaefa15718cfcb5ee6f33c
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3fe589631dc3f71c4525f8efe0e0d04851698b85ff68a03fa26aba98cf635ff0
406aa783c7cd864433acb30bebf0d8b37573b2e9022c1e8f51da0ef530c2e840
419349ed60e624cc3216bc42f51d250d2fd99b5e076abd37d53daa12ff10b2fd
495ebccf52ddea943b3fe1d2782faf86633c3bbfd42a5b2d1ba0ecc73e5eb2c6
49fce7604e0167519e2d882d18a494549020480dd65dd854bdba6f29d2cd9216
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c69ee5b42c98920df04b62cced66340e5eec35b0763f8329bd7d3bcada60084
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de57387bbeee592d6543be81c8a006aa37fcd3d744ffce1fd0ddab1051d660a
4e0309fa8609050f6251598192af6e51dd2679b76628cf6ca110f9a545067898
4f651bbea61996d5a1570779eea866f158b8b87513ed8a101c504daa42dedd91
4f9c522e07550626831d7f5af6fd8ec5036276896650cfa04bb002f3e5985c99
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515efbe0ee9a1d0b7c15a5d5b42a495f65259153f78089b5014dcc988f72925e
5551086b841c89e17871e2f0264d3c82de836f99a21270e8aeaafedda567e1c5
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ba6af8bd340ffb7fb078568374df5d6c9918445b121f6cb0acf606368c5b7d4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d8d1947de0f8d0401b573847d2325f31507a7df5128f1bd0269181cc0761dca
5e2fb2651b287d576819ff041820c2fa317271c2161688bfbba1d7b7ff533187
60b38712be4052c2bc7e41055dcbbc8dd535300bfd2b0def009a75fb408fb2b6
6284312b4709bdd67a38240e9a983307f348d72b2b9f39486f4cb22df1062f14
63603ff08279575003183a9b46fc6a92503417064cca99b618c5458d7348fe88
63fd3f0683ae21580c80c348d64867b6844ed5459071c5237a814563f811b30a
6cdf76eb0150b2e386b8df2df9f453fedef69c02c4e0d6477464443be4155dde
713cebcc0a5f9762e14dedffecb7a7712ea8455cc10aafe0527c24e472c5dc2a
75560503d03353e0880b93c71003172df0e184c0ed8f6c28ef0c1b1d91119aa2
75d0d112d9d756a24f3226af0fcacb3d24da3a1b55834f33271bf8af6fdfc704
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
87803362cec9692aed91815dee83d24387c0a3a266640242e00e7fd082f7702b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
918b6c0dcb12a71d06dca5b614efb975f1b1730064ba8126ae1a6538f5b97ae8
920b88ee5555db959e64d0ad3b9e1f7737540df1be91f58c2765afe65cbcb7d6
95fb59862594fd3e8eb5f2da37a0af4e8fb53998dbb123908d09291fa1ce0da9
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9e614768315b09833fe39c863a789f57ed2371d51e7a8ab92b61405c5a7cb166
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a104485f98b3b248fbcd9e4aff551035c75b5874c86bb6ee30de0b6b4166c86a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a596655d377bcd559498a944d3addeb74b62212c0522014a87bfc9634a0a1bef
a72557b76e3e4cc52b2b4be959e4e781fb7c76c773b903b6cc8c3ba21d63b9f2
aa4bde40b7fab28f308193b6faddcc454ca5f4e0aacf86bf8984f312ddc729c7
abfa6909122c2a13b1a5e908dd1644fd7c0a35e51111cfe63a6ea317bcf4b5d5
ad9bfff52aa20f1ae29d2d30b68678e53e31b5dfd1a970a4e8ab345187dc6bcb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2be9690df0743a9f43668acc742b67646739431cdbb08c298b306583fed66e5
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b65f8d3b4a1796b975bffbea43dd6367e4d04d060d16dc04e3554861c0f3e27d
b72d1821e82c011c7663488ddc87ccce8b43d4eb07108f65582a18b36e9d9f79
bb4d02d2480746bd00ae9e0188a1f262480bdbc866bf3ebf7b84052fec535b58
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c8c1318b2af94ddfd54aa4472b203bf7891d42582313697a5f1bd39476ab4e39
ce3fd5162d9d000a1b98ca4f9fed2faf3880febd0d1130776d7fa09bf66efd73
d68cff194f536c86c2df5e8bff6bb495c173fc721d2b0db7bff36699b28f24a7
d6da28d4ed0ee457a2fd4ff1144e8ba11465f1eda1ca3309cec73deaa4e0536d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df340b09190a909f02ba16449278e849d41824c83c31242041cb2cc3cc818f72
e041697f6dca33396ca095c8cdfc6be764176cf4950ee907a299c5e60463425c
e276125282398bd2ff74a96fc0a507c8cc916065f29619e84355a80a0dc4d458
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
eca3f87a64ab0730289c2775e5d879778ed375f60461d9262094f69fd5dad0c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41e546f7f4b4cef596c2f40da9e92e2c9cae7b871200540808e81dee60681cc
fad60abfc0de5ff2e8e4ef605603712efbc6adb0348e9c391c98a8fd526f161b
ff8b68f25ce129297603394be734adec0f58a7972c75a7de89028dd3ad5bddd4

wearedevs.net Open in urlscan Pro 104.26.6.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

93 %HTTPS

0 %IPv6

14 Domains

23 Subdomains

20 IPs

2 Countries

1873 kBTransfer

4478 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wearedevs.net Open in urlscan Pro
104.26.6.147 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

93 %
HTTPS

0 %
IPv6

14
Domains

23
Subdomains

20
IPs

2
Countries

1873 kB
Transfer

4478 kB
Size

13
Cookies

162 HTTP transactions
5 data transactions