URL: https://googleads.nextsmarter.com/login
Submission Tags: @phishunt_io
Submission: On September 24 via api from ES

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 77.83.142.48, located in Netherlands and belongs to FLY, US. The main domain is googleads.nextsmarter.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 23rd 2020. Valid for: 3 months.
This is the only time googleads.nextsmarter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 77.83.142.48 40509 (FLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 5.101.109.41 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
14 5
Domain Requested by
8 googleads.nextsmarter.com googleads.nextsmarter.com
static.cloudflareinsights.com
3 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com googleads.nextsmarter.com
1 reportz-storage.fra1.digitaloceanspaces.com googleads.nextsmarter.com
1 fonts.googleapis.com googleads.nextsmarter.com
14 5

This site contains links to these domains. Also see Links.

Domain
reportz.io
Subject Issuer Validity Valid
googleads.nextsmarter.com
Let's Encrypt Authority X3
2020-09-23 -
2020-12-22
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
*.fra1.digitaloceanspaces.com
DigiCert SHA2 Secure Server CA
2020-03-05 -
2021-04-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-11 -
2021-07-11
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-09-03 -
2020-11-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://googleads.nextsmarter.com/login
Frame ID: 65BBCD9810125B7713A2BF53932A920F
Requests: 14 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

14
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

317 kB
Transfer

1136 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set login
googleads.nextsmarter.com/
7 KB
4 KB
Document
General
Full URL
https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
15f39945a199890ab575a2c94afe6dc0d858985da5a292dd4acbcab25e861ee3
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
googleads.nextsmarter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
no-cache, private
Cf-Cache-Status
DYNAMIC
Cf-Ray
5d7941d58b11ca5f-YUL
Cf-Request-Id
055fa779710000ca5f5fbb2200000001
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Sep 2020 03:00:47 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
Fly.io (dcf56d0)
Server-Timing
bootstrap;desc="Bootstrap";dur=35.663843154907, app;desc="App";dur=43, total;desc="Total";dur=78.825950622559,
Set-Cookie
fly_cid=7471b95a-f149-4596-98b9-fd34c2b50ef1; Expires=Wed, 19 Sep 2040 03:01:00 GMT; HttpOnly __cfduid=d5eda2af5553640cc69d3e3985ea8fba41600916447; expires=Sat, 24-Oct-20 03:00:47 GMT; path=/; domain=.reportz.io; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6IkxQdjkxQzAvVlBnUTZHNUJTdzhlNHc9PSIsInZhbHVlIjoiVEdtalJWaFM0d3lYYVlMc2c4UDRlZm5IKzNQbDF2QlNxeVJ6NnRBRXRKR2h4MWVBcHJVdjFuT29QMjJET3NycUpUZDBoNHJmUFpIVEczOHlwSEFJNEZjU0htTWFxZVlubytOdmFvaGI5UGFZY0FMVGlYZzhBNzd5Z0I0bDJQcFUiLCJtYWMiOiI3MjljMWY4YTBkODQ0MWQ3ZDM1Y2UzNzVkZTgzNTE3MjVjMzBlOWJlOGU5YThjYzdmODA2OWM4ZTQ1MTUyZWY2In0%3D; expires=Thu, 24-Sep-2020 05:00:47 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6InljZW91UDNPQWpZeHJaeEJlbkdEWHc9PSIsInZhbHVlIjoiRTZLcnZMd21wajdZVjhrOE9LSjF6aGFJMy8vWGpab1lMcWRQaW1IblFsS29HckRWNnFsYmlHTDg0L1hzSjM3cGdwSzJKS2M1dGFtWHpjU29wNlkvUTczeTdCNXR6d1dmRHAxQVByUnUxL2cvYnl0MUpyQ1RWZUVYSkdQczJXOGMiLCJtYWMiOiJiMmE3MWU3YzFmZDBiNmNkY2I4OGIxYzg3MzA1YjU2OTFhOTA0NDVjYTExYTgzZDI2MzM3M2Y3ZjIwNzkzNDA3In0%3D; expires=Thu, 24-Sep-2020 05:00:47 GMT; Max-Age=7200; path=/; httponly; samesite=lax DO-LB=node-170119449|X2wL4|X2wL4; path=/; SameSite=Lax
Strict-Transport-Security
max-age=15552000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
Transfer-Encoding
chunked
css
fonts.googleapis.com/
13 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e91871372fcdd2a591971fe2ed042d4d4f59eee7fcc48fd4fe4b49ca54d7a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Sep 2020 03:00:47 GMT
server
ESF
date
Thu, 24 Sep 2020 03:00:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Sep 2020 03:00:47 GMT
main.css
googleads.nextsmarter.com/css/
305 KB
43 KB
Stylesheet
General
Full URL
https://googleads.nextsmarter.com/css/main.css?id=162296b7921a970fbf8f
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
95406662a9e01c01f2c49450e8471c8380cad41d48dfa7cea2f2715aa32f77f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77af00000ecfee33aa200000001
Content-Encoding
gzip
Etag
W/"5f64cc33-4c266"
Cf-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:03:15 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:48 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Cf-Ray
5d7941d7ea48ecfe-YUL
X-Content-Type-Options
nosniff
e6ceea92a4d13ba9ed484fb47547cd23.png
reportz-storage.fra1.digitaloceanspaces.com/uploads/
5 KB
5 KB
Image
General
Full URL
https://reportz-storage.fra1.digitaloceanspaces.com/uploads/e6ceea92a4d13ba9ed484fb47547cd23.png
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.101.109.41 , Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
d0ea6ddeb361d8bf9b0f9ede0def800f555be1de34ea261eb1c2c44a0a5da5e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 24 Sep 2020 03:00:48 GMT
Last-Modified
Wed, 30 Oct 2019 09:57:06 GMT
x-amz-request-id
tx0000000000000040e95f7-005f6c0be0-32b747d-fra1a
ETag
"5afc2a0708fe793a746a7140e106d7b5"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/png
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
5102
google.svg
googleads.nextsmarter.com/img/social/
2 KB
2 KB
Image
General
Full URL
https://googleads.nextsmarter.com/img/social/google.svg
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
398dc1685da0088c6eb7d3c96fc6eb1f5f5675197342c6d58a43d331899b75e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77c830000f031fe191200000001
Content-Encoding
gzip
Etag
W/"5f64cbc7-61b"
Cf-Cache-Status
DYNAMIC
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
840
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:01:27 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:48 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Cf-Ray
5d7941da6961f031-EWR
X-Content-Type-Options
nosniff
main.js
googleads.nextsmarter.com/js/
751 KB
221 KB
Script
General
Full URL
https://googleads.nextsmarter.com/js/main.js?id=d2c399835072c6ed9885
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
61c66f93c5e61d3e5f68ffb94ce384ca5c4dda7ecaaf62b1e8322a5c5d868780
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77c5000003f9f05bf1200000001
Content-Encoding
gzip
Etag
W/"5f64cc33-bbdb2"
Cf-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:03:15 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:48 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Cf-Ray
5d7941da1a203f9f-YUL
X-Content-Type-Options
nosniff
beacon.min.js
static.cloudflareinsights.com/
10 KB
4 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238fd13c4393c3f9851a3e58a475a5fcac69f09944f40c0319db7a6797aa6cf5

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 24 Sep 2020 03:00:48 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cf-ray
5d7941d9f8f105bf-FRA
cf-request-id
055fa77c37000005bf6035e200000001
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.nextsmarter.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 18:23:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
117450
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Wed, 22 Sep 2021 18:23:18 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.nextsmarter.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 18:23:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
117420
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Wed, 22 Sep 2021 18:23:48 GMT
fa-brands-400.woff2
googleads.nextsmarter.com/fonts/
992 B
2 KB
Font
General
Full URL
https://googleads.nextsmarter.com/fonts/fa-brands-400.woff2?051c355594759f52c88e66ff62042302
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/css/main.css?id=162296b7921a970fbf8f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
d5df64dfb512031c882d5292e0d6277458b194b251ca1f6052fa0c2799f4c4e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://googleads.nextsmarter.com
Referer
https://googleads.nextsmarter.com/css/main.css?id=162296b7921a970fbf8f
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77db500003fb1a8881200000001
Etag
"5f64cc33-3e0"
Cf-Cache-Status
DYNAMIC
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
992
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:03:15 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:48 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/octet-stream
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Accept-Ranges
bytes
Cf-Ray
5d7941dc58553fb1-YUL
X-Content-Type-Options
nosniff
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.nextsmarter.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800&subset=latin-ext&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 18:25:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
117318
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Wed, 22 Sep 2021 18:25:30 GMT
404.js
googleads.nextsmarter.com/js/chunks/
1 KB
2 KB
Script
General
Full URL
https://googleads.nextsmarter.com/js/chunks/404.js?id=a1cc5d5f83ec1f0a310f
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/js/main.js?id=d2c399835072c6ed9885
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
83b0bcb0b675de9f2ea3ee7e74c71fc6e91d582f4a7ae7b5a3d82273bad14000
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77f040000ece2f3ab8200000001
Etag
W/"5f64cc33-49b"
Cf-Cache-Status
DYNAMIC
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1179
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:03:15 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:49 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Cf-Ray
5d7941de6a14ece2-YUL
X-Content-Type-Options
nosniff
cookie_consent_background.svg
googleads.nextsmarter.com/img/
15 KB
4 KB
Image
General
Full URL
https://googleads.nextsmarter.com/img/cookie_consent_background.svg
Requested by
Host: googleads.nextsmarter.com
URL: https://googleads.nextsmarter.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
4decab6ec392b519f7c3bbf8afb753c7adafcb12ea666d1cd062126bf2c6088a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cf-Request-Id
055fa77f170000ca53e822c200000001
Content-Encoding
gzip
Etag
W/"5f64cbc7-3cfe"
Cf-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552000
Alt-Svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
X-Xss-Protection
1; mode=block
Last-Modified
Fri, 18 Sep 2020 15:01:27 GMT
Server
Fly.io (dcf56d0)
X-Frame-Options
SAMEORIGIN
Date
Thu, 24 Sep 2020 03:00:49 GMT
Expect-Ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
private
Content-Security-Policy
frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Cf-Ray
5d7941de8b5dca53-YUL
X-Content-Type-Options
nosniff
performance
googleads.nextsmarter.com/cdn-cgi/beacon/
0
384 B
XHR
General
Full URL
https://googleads.nextsmarter.com/cdn-cgi/beacon/performance?req_id=5d7941d58b11ca5f
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.83.142.48 , Netherlands, ASN40509 (FLY, US),
Reverse DNS
Software
Fly.io (dcf56d0) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://googleads.nextsmarter.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 24 Sep 2020 03:00:49 GMT
Vary
Accept-Encoding
Server
Fly.io (dcf56d0)
Cf-Request-Id
055fa780390000ecf645b9c200000001
Cf-Ray
5d7941e05cc1ecf6-YUL
X-Frame-Options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer object| SOCKET object| intercomSettings object| webpackJsonp object| flare function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| axios function| Pusher object| vue function| fsClosedPopup function| fsErrorCallback function| fsDataCallback function| fsDecorateURLFunction

4 Cookies

Domain/Path Name / Value
googleads.nextsmarter.com/ Name: DO-LB
Value: node-170119449|X2wL5|X2wL4
googleads.nextsmarter.com/ Name: laravel_session
Value: eyJpdiI6InljZW91UDNPQWpZeHJaeEJlbkdEWHc9PSIsInZhbHVlIjoiRTZLcnZMd21wajdZVjhrOE9LSjF6aGFJMy8vWGpab1lMcWRQaW1IblFsS29HckRWNnFsYmlHTDg0L1hzSjM3cGdwSzJKS2M1dGFtWHpjU29wNlkvUTczeTdCNXR6d1dmRHAxQVByUnUxL2cvYnl0MUpyQ1RWZUVYSkdQczJXOGMiLCJtYWMiOiJiMmE3MWU3YzFmZDBiNmNkY2I4OGIxYzg3MzA1YjU2OTFhOTA0NDVjYTExYTgzZDI2MzM3M2Y3ZjIwNzkzNDA3In0%3D
googleads.nextsmarter.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkxQdjkxQzAvVlBnUTZHNUJTdzhlNHc9PSIsInZhbHVlIjoiVEdtalJWaFM0d3lYYVlMc2c4UDRlZm5IKzNQbDF2QlNxeVJ6NnRBRXRKR2h4MWVBcHJVdjFuT29QMjJET3NycUpUZDBoNHJmUFpIVEczOHlwSEFJNEZjU0htTWFxZVlubytOdmFvaGI5UGFZY0FMVGlYZzhBNzd5Z0I0bDJQcFUiLCJtYWMiOiI3MjljMWY4YTBkODQ0MWQ3ZDM1Y2UzNzVkZTgzNTE3MjVjMzBlOWJlOGU5YThjYzdmODA2OWM4ZTQ1MTUyZWY2In0%3D
googleads.nextsmarter.com/ Name: fly_cid
Value: 7471b95a-f149-4596-98b9-fd34c2b50ef1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://reportz.io https://app.marketplan.io https://app.clickup.com https://app.leadsurance.com https://portal.revolutionmediamarketing.com https://mpdnhub.info https://ericksonbuilt.com
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block